50 matches found
BIT-JOOMLA-2026-40383 Joomla! Core - [20260509] - LFI in HTMLView layout parameter
An improper validation of user-supplied input leads to a local file inclusion vulnerability...
EUVD-2021-1190
Malware in sbrugna...
EUVD-2006-1680
Malware in sbrugna...
EUVD-2010-2862
Malware in sbrugna...
EUVD-2013-4733
Malware in sbrugna...
EUVD-2025-24546
Malicious code in bioql PyPI...
Reflected Cross Site Scripting (XSS)
microweber/microweber is vulnerable to Reflected Cross-Site Scripting XSS. The vulnerability is due to improper validation of the layout parameter on the /admin/page/create page, which allows arbitrary JavaScript execution in the context of authenticated admin users...
CVE-2025-8142
The Soledad theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.6.7 via the 'headerlayout' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the serve...
CVE-2025-8142
The Soledad theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.6.7 via the 'headerlayout' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the serve...
CVE-2025-8142 Soledad <= 8.6.7 - Authenticated (Contributor+) Local File Inclusion via 'header_layout'
The Soledad theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.6.7 via the 'headerlayout' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the serve...
CVE-2025-8142
CVE-2025-8142 : Soledad theme for WordPress is affected by a Local File Inclusion vulnerability in versions up to 8.6.7 via the header_layout parameter. Authenticated users with Contributor+ can include and execute arbitrary PHP files on the server, enabling code execution and potential data acce...
PT-2025-33591 · WordPress · Soledad
Name of the Vulnerable Software and Affected Versions: Soledad theme for WordPress versions through 8.6.7 Description: The Soledad theme for WordPress is susceptible to a Local File Inclusion issue via the header layout parameter. This allows authenticated attackers with Contributor-level access ...
WordPress plugin Soledad 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2025-6715
The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the layout parameter. This makes it possible for attackers to include and execute PHP files on the server, allowing the execution of any PHP code in those files...
CVE-2025-6715
The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the layout parameter. This makes it possible for attackers to include and execute PHP files on the server, allowing the execution of any PHP code in those files...
CVE-2025-6715
CVE-2025-6715 affects the LatePoint WordPress plugin up to version 5.1.93; it allows unauthenticated Local File Inclusion via the layout parameter, enabling potential execution of PHP code on the server. Red Hat and other sources confirm the issue and indicate a fix is available in version 5.1.94...
CVE-2025-6715 Latepoint < 5.1.94 - Unauthenticated LFI
The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the layout parameter. This makes it possible for attackers to include and execute PHP files on the server, allowing the execution of any PHP code in those files...
CVE-2025-6715 Latepoint < 5.1.94 - Unauthenticated LFI
The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the layout parameter. This makes it possible for attackers to include and execute PHP files on the server, allowing the execution of any PHP code in those files...
PT-2025-32966 · WordPress · Latepoint Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: LatePoint WordPress plugin versions prior to 5.1.94 Description: The LatePoint WordPress plugin is susceptible to a Local File Inclusion issue via the layout parameter. This allows attackers to include and execute PHP files on the server,...
VulnCheck KEV: CVE-2025-6715
The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the layout parameter. This makes it possible for attackers to include and execute PHP files on the server, allowing the execution of any PHP code in those files...