CVE-2025-58709 WordPress Legacy theme <= 1.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Legacy legacy allows PHP Local File Inclusion.This issue affects Legacy: from n/a through = 1.9...

CVE-2025-58709

CVE-2025-58709 concerns WordPress Legacy theme

CVE-2025-58709 WordPress Legacy theme <= 1.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Legacy legacy allows PHP Local File Inclusion.This issue affects Legacy: from n/a through = 1.9...

EUVD-2015-5680

Malware in sbrugna...

WordPress Legacy theme <= 1.9 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Legacy versions = 1.9...

Cross-Site Scripting (XSS)

WordPress is vulnerable to cross-site scripting XSS attacks. A malicious user can inject and execute arbitrary webscript through the legacy theme preview implementation in wp-includes/theme.php by passing a string to it...

WordPress Multiple Vulnerabilities (Dec 2015) - Linux

WordPress is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescripti...

DEBIAN-CVE-2015-5734

Cross-site scripting XSS vulnerability in the legacy theme preview implementation in wp-includes/theme.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a crafted string...

Cross site scripting

Cross-site scripting XSS vulnerability in the legacy theme preview implementation in wp-includes/theme.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a crafted string...

CVE-2015-5734

Cross-site scripting XSS vulnerability in the legacy theme preview implementation in wp-includes/theme.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a crafted string...

[SECURITY] [DLA 294-1] wordpress security update

Package : wordpress Version : 3.6.1+dfsg-1deb6u7 CVE ID : CVE-2015-2213 CVE-2015-5622 CVE-2015-5731 CVE-2015-5732 CVE-2015-5734 Several vulnerabilities have been fixed in Wordpress, the popular blogging engine. CVE-2015-2213 SQL Injection allowed a remote attacker to compromise the site...

[SECURITY] [DSA 3332-1] wordpress security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3332-1 [email protected] https://www.debian.org/security/ Thijs Kinkhorst August 11, 2015 https://www.debian.org/security/faq -...

Debian Security Advisory DSA 3332-1 (wordpress - security update)

Several vulnerabilities have been fixed in Wordpress, the popular blogging engine. CVE-2015-2213 SQL Injection allowed a remote attacker to compromise the site. CVE-2015-5622 The robustness of the shortcodes HTML tags filter has been improved. The parsing is a bit more strict, which may affect yo...

Unspecified vulnerability in WordPress legacy theme

WordPress is a use of PHP language development blog platform, users can support PHP and MySQL database server set up their own weblog. WordPress has a legacy theme preview unspecified vulnerability, no detailed vulnerability details are currently available...

WordPress Legacy Theme <= 4.2.3 - XSS

This vulnerability exists in the Legacy theme preview implementation in wp-includes/theme.php. It allows an attacker to inject arbitrary HTML or web script via a crafted string. Solution Update the theme...