CVE-2025-39387 WordPress Opstore theme <= 1.4.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wpoperations Opstore opstore allows PHP Local File Inclusion.This issue affects Opstore: from n/a through = 1.4.5...

CVE-2025-39387 WordPress Opstore theme <= 1.4.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WPoperation Opstore allows PHP Local File Inclusion. This issue affects Opstore: from n/a through 1.4.5...

WordPress Opstore theme <= 1.4.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Theme Opstore versions = 1.4.5...

WordPress Opstore theme <= 1.4.3 - Authenticated Arbitrary Plugin Activation/Deactivation vulnerability

Authenticated Arbitrary Plugin Activation/Deactivation vulnerability discovered by Ex.Mi Patchstack in WordPress Opstore theme versions = 1.4.3. Solution Deactivate and delete. The vendor ignores the vulnerability reports, avoids any conversation...

WordPress Opstore theme <= 1.4.3 - Cross-Site Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation

Cross-Site Request Forgery CSRF leading to Arbitrary Plugin Activation/Deactivation discovered by Ex.Mi Patchstack in WordPress Opstore theme versions = 1.4.3. Solution Deactivate and delete. The vendor ignores the vulnerability reports avoids any conversation...

WordPress Opstore theme <= 1.4.3 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress Opstore theme versions = 1.4.3. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor ignores the...