36 matches found
EUVD-2023-36496
Malicious code in bioql PyPI...
EUVD-2023-32999
Malicious code in bioql PyPI...
EUVD-2023-32704
Malicious code in bioql PyPI...
WordPress Podium Theme <= 1.1.13 is vulnerable to Local File Inclusion
Software Podium Type Theme Vulnerable versions = 1.1.13 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 8c07bac37dd1 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...
WordPress Manufactory theme <= 1.4 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Manufactory versions = 1.4...
WordPress News Magazine X <= 1.2.35 - Local File Inclusion Vulnerability
Local File Inclusion Vulnerability discovered by LVT-tholv2k in WordPress Theme News Magazine X versions = 1.2.37...
CVE-2025-5396
The Bears Backup plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.0.0. This is due to the bbackupajaxhandle function not having a capability check, nor validating user supplied input passed directly to calluserfunc. This makes it possible for...
CVE-2025-31052
Deserialization of Untrusted Data vulnerability in themeton The Fashion - Model Agency One Page Beauty Theme nrgfashion allows Object Injection.This issue affects The Fashion - Model Agency One Page Beauty Theme: from n/a through = 1.4.4...
CVE-2024-5788
The Silesia theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’ attribute within the theme's Button shortcode in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...
CVE-2023-29101
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Muffingroup Betheme theme = 26.7.5 versions...
WordPress Pet World theme <= 2.8 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Pet World versions = 2.8...
WordPress Tainá plugin <= 0.2.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by stealthcopter in WordPress Theme Tainá versions 0.2.5...
WordPress Hotel Galaxy theme <= 4.4.24 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Hotel Galaxy versions = 4.4.24...
WordPress Book Landing Page theme <= 1.2.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Book Landing Page versions = 1.2.3...
WordPress Hueman theme <= 3.7.24 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Hueman versions = 3.7.24...
CVE-2023-38400
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kriesi Enfold - Responsive Multi-Purpose Theme allows Reflected XSS.This issue affects Enfold - Responsive Multi-Purpose Theme: from n/a through 5.6.4...