8 matches found
EUVD-2025-28328
Malicious code in bioql PyPI...
EUVD-2025-20007
Malicious code in bioql PyPI...
CVE-2025-49070
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NasaTheme Elessi elessi-theme allows PHP Local File Inclusion.This issue affects Elessi: from n/a through 6.4.1...
CVE-2025-49070
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NasaTheme Elessi elessi-theme allows PHP Local File Inclusion.This issue affects Elessi: from n/a through 6.4.1...
CVE-2025-49070
CVE-2025-49070 is a Local File Inclusion vulnerability in WordPress Elessi (Elessi-theme) before version 6.4.1. The issue arises from improper control of the filename in include/require statements, allowing an attacker to include local PHP files. Affected software: Elessi theme/plugin (WordPress)...
CVE-2025-49873
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NasaTheme Elessi elessi-theme allows Reflected XSS.This issue affects Elessi: from n/a through = 6.3.9...
CVE-2025-49873
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NasaTheme Elessi elessi-theme allows Reflected XSS.This issue affects Elessi: from n/a through = 6.3.9...
PT-2025-26331 · Unknown · Nasatheme Elessi
Name of the Vulnerable Software and Affected Versions: NasaTheme Elessi versions n/a through 6.3.9 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. Recommendations: For versions n/a...