6 matches found
CVE-2025-67995 WordPress PatioTime theme < 2.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in LoftOcean PatioTime patiotime allows Object Injection.This issue affects PatioTime: from n/a through 2.1...
CVE-2025-67995
The CVE-2025-67995 entry concerns PatioTime (WordPress theme by LoftOcean) < 2.1, where deserialization of untrusted data enables PHP object injection. This aligns with Red Hat/NVD/NVD-enriched records and related Patchstack entries listing PatioTime
CVE-2025-67992 WordPress PatioTime theme < 2.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LoftOcean PatioTime patiotime allows PHP Local File Inclusion.This issue affects PatioTime: from n/a through 2.1...
CVE-2025-67992
CVE-2025-67992 is a Local File Inclusion vulnerability in the PatioTime WordPress theme from LoftOcean, affecting versions before 2.1. The issue is described as improper control of the filename used by include/require statements in PHP, enabling LFI. Connected documents confirm the affected produ...
WordPress PatioTime theme < 2.1 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme PatioTime versions 2.1...
WordPress PatioTime theme < 2.1 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme PatioTime versions 2.1...