Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

49 matches found

RedhatCVE
RedhatCVEadded 2026/03/26 5:1 p.m.2 views

CVE-2026-22503

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Nelson nelson allows PHP Local File Inclusion.This issue affects Nelson: from n/a through = 1.2.0...

8.1CVSS5.8AI score0.00172EPSS
Exploits0References1
EUVD
EUVDadded 2026/03/25 6:31 p.m.0 views

EUVD-2026-15511

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Nelson nelson allows PHP Local File Inclusion.This issue affects Nelson: from n/a through = 1.2.0...

5.8AI score0.00172EPSS
Exploits0References2
NVD
NVDadded 2026/03/25 5:16 p.m.0 views

CVE-2026-22503

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Nelson nelson allows PHP Local File Inclusion.This issue affects Nelson: from n/a through = 1.2.0...

8.1CVSS0.00172EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/03/25 4:14 p.m.20 views

CVE-2026-22503 WordPress Nelson theme <= 1.2.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Nelson nelson allows PHP Local File Inclusion.This issue affects Nelson: from n/a through = 1.2.0...

8.1CVSS0.00172EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/25 4:14 p.m.0 views

CVE-2026-22503 WordPress Nelson theme <= 1.2.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Nelson nelson allows PHP Local File Inclusion.This issue affects Nelson: from n/a through = 1.2.0...

8.1CVSS5.8AI score0.00172EPSS
Exploits0References1
CVE
CVEadded 2026/03/25 4:14 p.m.4 views

CVE-2026-22503

CVE-2026-22503 relates to the WordPress Theme Nelson by ThemeREX, where an improper filename validation in PHP include/require statements leads to a PHP Local File Inclusion (LFI) vulnerability. Affected product: Nelson versions from unspecified until &lt;= 1.2.0. The NVD/Red Hat/patch sources de...

8.1CVSS5.8AI score0.00172EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/03/25 12:0 a.m.1 views

PT-2026-27824

Name of the Vulnerable Software and Affected Versions ThemeREX Nelson versions n/a through 1.2.0 Description A flaw exists in ThemeREX Nelson due to improper control of filename handling for include/require statements in the PHP program, leading to a PHP Local File Inclusion issue. The...

8.1CVSS5.8AI score0.00172EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/03/25 12:0 a.m.2 views

WordPress plugin Nelson 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.1CVSS5.8AI score0.00172EPSS
Exploits0References1
Patchstack
Patchstackadded 2026/03/05 11:16 a.m.1 views

WordPress Nelson theme <= 1.2.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Nelson versions = 1.2.0...

5.8AI score0.00172EPSS
Exploits0Affected Software1
NVD
NVDadded 2025/08/14 7:15 p.m.2 views

CVE-2025-54740

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Nelson Print My Blog print-my-blog allows Stored XSS.This issue affects Print My Blog: from n/a through = 3.27.9...

6.5CVSS0.00051EPSS
Exploits0References1
CVE
CVEadded 2025/08/14 6:21 p.m.11 views

CVE-2025-54740

CVE-2025-54740 concerns the WordPress plugin Print My Blog (versions up to 3.27.9) and is a stored XSS vulnerability arising from improper input neutralization during web page generation. Exploitation context details in the connected sources confirm the vulnerability is tied to the plugin’s handl...

6.5CVSS5.9AI score0.00051EPSS
Exploits0References1
Patchstack
Patchstackadded 2024/06/27 12:0 a.m.7 views

WordPress Print My Blog Plugin <= 3.27.0 is vulnerable to Cross Site Scripting (XSS)

Software Print My Blog Type Plugin Vulnerable versions = 3.27.0 Fixed in 3.27.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37271 Patch priority Low CVSS severity Low 5.9 Developer Michael Nelson PSID cf7d433e5eee Credits CatFather Required privilege Author...

5.9CVSS6.9AI score0.00148EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2024/05/06 8:15 p.m.7 views

CVE-2024-33907

Missing Authorization vulnerability in Michael Nelson Print My Blog print-my-blog.This issue affects Print My Blog: from n/a through = 3.26.2...

5.3CVSS5.8AI score0.004EPSS
Exploits0References2
Patchstack
Patchstackadded 2024/04/29 12:0 a.m.8 views

WordPress Print My Blog Plugin <= 3.26.2 is vulnerable to Broken Access Control

Software Print My Blog Type Plugin Vulnerable versions = 3.26.2 Fixed in 3.26.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33907 Patch priority Low CVSS severity Low 5.3 Developer Michael Nelson PSID 21993595be67 Credits Steven Julian Required privile...

5.3CVSS6.6AI score0.004EPSS
Exploits0References2Affected Software1
Openbugbounty
Openbugbountyadded 2024/04/08 2:1 p.m.8 views

nelsonfenceco.com Cross Site Scripting vulnerability OBB-3909792

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbountyadded 2024/03/14 5:54 a.m.9 views

careers.nelson.ac.uk Cross Site Scripting vulnerability OBB-3871278

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbountyadded 2023/10/28 6:29 a.m.13 views

nelsonmendes.com Cross Site Scripting vulnerability OBB-3767213

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbountyadded 2023/01/17 1:38 p.m.6 views

katnelsondesigns.com Cross Site Scripting vulnerability OBB-3157672

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbountyadded 2022/08/10 9:48 a.m.10 views

nelsonbostock.com Cross Site Scripting vulnerability OBB-2834298

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbountyadded 2021/12/06 9:3 p.m.13 views

nelsonmestizo.com Cross Site Scripting vulnerability OBB-2294766

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Rows per page
Query Builder