69 matches found
CVE-2026-27093
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme Tripgo tripgo allows PHP Local File Inclusion.This issue affects Tripgo: from n/a through 1.5.6...
CVE-2026-27093
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme Tripgo tripgo allows PHP Local File Inclusion.This issue affects Tripgo: from n/a through 1.5.6...
CVE-2026-27093
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Ovatheme Tripgo allows PHP Local File Inclusion.This issue affects Tripgo: from n/a before 1.5.6...
PT-2026-26256
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Ovatheme Tripgo allows PHP Local File Inclusion.This issue affects Tripgo: from n/a before 1.5.6...
WordPress plugin Ovatheme Tripgo 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
CVE-2025-69090
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme Remons remons allows PHP Local File Inclusion.This issue affects Remons: from n/a through = 1.3.4...
EUVD-2025-208304
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme Remons remons allows PHP Local File Inclusion.This issue affects Remons: from n/a through = 1.3.4...
CVE-2025-67963
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in ovatheme Movie Booking movie-booking allows Path Traversal.This issue affects Movie Booking: from n/a through = 1.1.5...
CVE-2025-67963
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in ovatheme Movie Booking movie-booking allows Path Traversal.This issue affects Movie Booking: from n/a through = 1.1.5...
CVE-2025-49994
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme Athens athens allows PHP Local File Inclusion.This issue affects Athens: from n/a through = 1.1.6...
CVE-2025-67963
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in ovatheme Movie Booking movie-booking allows Path Traversal.This issue affects Movie Booking: from n/a through = 1.1.5...
PT-2026-4042
Name of the Vulnerable Software and Affected Versions ovatheme Movie Booking versions through 1.1.5 Description A Path Traversal issue exists in ovatheme Movie Booking movie-booking. This allows an attacker to potentially access files and directories outside of the intended restricted directory...
WordPress Ovatheme Events Manager plugin unauthorized access vulnerability
WordPress Ovatheme Events Manager plugin is an event management plugin for the WordPress platform that is used to create and manage event calendars, ticket sales and other features. WordPress Ovatheme Events Manager plugin suffers from an unauthorized access vulnerability that stems from a lack o...
WordPress Ovatheme Events Manager plugin <= 1.8.6 - Missing Authorization vulnerability
Missing Authorization vulnerability discovered by Foxyyy in WordPress Plugin Ovatheme Events Manager versions = 1.8.6...
CVE-2025-7663
The Ovatheme Events Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the /class-ovaem-ajax.php file in all versions up to, and including, 1.8.6. This makes it possible for unauthenticated attackers to delete ticket files,...
EUVD-2025-38357
The Ovatheme Events Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the /class-ovaem-ajax.php file in all versions up to, and including, 1.8.6. This makes it possible for unauthenticated attackers to delete ticket files,...
CVE-2025-7663
The Ovatheme Events Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the /class-ovaem-ajax.php file in all versions up to, and including, 1.8.6. This makes it possible for unauthenticated attackers to delete ticket files,...
CVE-2025-7663
The CVE describes an unauthorized-access vulnerability in the WordPress Ovatheme Events Manager plugin, caused by missing capability checks in the /class-ovaem-ajax.php file. Affected versions are up to and including 1.8.6. The flaw allows unauthenticated attackers to perform privileged actions s...
PT-2025-45554
Name of the Vulnerable Software and Affected Versions Ovatheme Events Manager plugin for WordPress versions through 1.8.6 Description The Ovatheme Events Manager plugin for WordPress is susceptible to unauthorized access. A missing capability check on several functions within the...
WordPress plugin Ovatheme Events Manager 安全漏洞
WordPress Ovatheme Events Manager plugin is an event management plugin for the WordPress platform that is used to create and manage event calendars, ticket sales and other features. WordPress Ovatheme Events Manager plugin suffers from an unauthorized access vulnerability that stems from a lack o...