32 matches found
CVE-2026-57743
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows PHP Local File Inclusion.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-57744
Deserialization of Untrusted Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Object Injection.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-57745
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Reflected XSS.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-57743 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows PHP Local File Inclusion.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-57744 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Object Injection.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-57745 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Reflected XSS.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-57744
The CVE-2026-57744 entry describes a PHP Object Injection vulnerability in the WordPress plugin RT-Theme 18 Extensions, affected versions up to and including 2.5. The root cause is Deserialization of Untrusted Data, enabling object injection. Impact is rated high (CVSS 3.1: 9.8, Confidentiality/I...
CVE-2026-57745
CVE-2026-57745 concerns a Reflected Cross-Site Scripting vulnerability in the WordPress RT-Theme 18 Extensions (rt18-extensions) plugin, affecting version <= 2.5. The issue is described as improper neutralization of input during web page generation, enabling reflected XSS. Affected product/com...
CVE-2026-57743
CVE-2026-57743 describes animproper control of the filename for include/require in the PHP program, enabling a PHP Local File Inclusion vulnerability in the WordPress plugin set RT-Theme 18 | Extensions (rt18-extensions). Affected: RT-Theme 18 Extensions versions up to and including 2.5. The issu...
WordPress RT-Theme 18 | Extensions plugin <= 2.5 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Plugin RT-Theme 18 | Extensions versions = 2.5...
WordPress RT-Theme 18 | Extensions plugin <= 2.5 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Bonds in WordPress Plugin RT-Theme 18 | Extensions versions = 2.5...
WordPress RT-Theme 18 | Extensions plugin <= 2.5 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin RT-Theme 18 | Extensions versions = 2.5...
CVE-2026-39710
Cross-Site Request Forgery CSRF vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Cross Site Request Forgery.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-39711
Insertion of Sensitive Information Into Sent Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Retrieve Embedded Sensitive Data.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
EUVD-2026-20417
Cross-Site Request Forgery CSRF vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Cross Site Request Forgery.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
EUVD-2026-20419
Insertion of Sensitive Information Into Sent Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Retrieve Embedded Sensitive Data.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-39711
Insertion of Sensitive Information Into Sent Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Retrieve Embedded Sensitive Data.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-39711
CVE-2026-39711 affects WordPress RT-Theme 18 | Extensions (rt18-extensions) up to version 2.5. The issue arises from the insertion of sensitive information into sent data, enabling retrieval of embedded sensitive data. Affected component: RT-Theme 18 | Extensions. Root cause: improper handling le...
CVE-2026-39711
Insertion of Sensitive Information Into Sent Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Retrieve Embedded Sensitive Data.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-39711 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Retrieve Embedded Sensitive Data.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...