18742 matches found
CVE-2026-39679
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ApusTheme Freeio freeio allows PHP Local File Inclusion.This issue affects Freeio: from n/a through = 1.3.21...
PT-2026-32991
The Eleganzo theme for WordPress is vulnerable to arbitrary directory deletion due to insufficient path validation in the akd required plugin callback function in all versions up to, and including, 1.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...
CVE-2026-39711
Insertion of Sensitive Information Into Sent Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Retrieve Embedded Sensitive Data.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-39649
Missing Authorization vulnerability in themebeez Royale News royale-news allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royale News: from n/a through = 2.2.4...
CVE-2025-5804
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Case Themes Case Theme User case-theme-user allows PHP Local File Inclusion.This issue affects Case Theme User: from n/a through 1.0.4...
Malicious Package
Overview @ids-alpha/theme is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in @ids-alpha/theme (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69b423c1268bb757d8dbdb3ed3f18f694342108deb76ca68405c72c2d9ca0775 The package @ids-alpha/theme was found to contain malicious code. Source: ghsa-malware a13c5be1a3936c956e02fd943b70f241a2dd8ced305b3e54165d16faae329b...
MAL-2026-2586 Malicious code in @ids-alpha/theme (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69b423c1268bb757d8dbdb3ed3f18f694342108deb76ca68405c72c2d9ca0775 The package @ids-alpha/theme was found to contain malicious code. Source: ghsa-malware a13c5be1a3936c956e02fd943b70f241a2dd8ced305b3e54165d16faae329b...
EUVD-2026-21791
Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2026-28553
Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2026-28553
Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2026-28553
Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2026-28553
Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2026-28553
CVE-2026-28553 describes an improper permission control in the theme setting module. The vulnerability is reported as affecting confidentiality with a CVSS v3.1 base score of 6.9 (MEDIUM). Exploitation requires local access and user interaction, with high attack complexity and no privileges requi...
PT-2026-32230
Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
Huawei EMUI和Huawei HarmonyOS 安全漏洞
Huawei EMUI and Huawei HarmonyOS are both products of the Chinese company Huawei. Huawei EMUI is a mobile operating system developed based on Android. Huawei HarmonyOS is an operating system that provides a full-scenario distributed operating system based on a microkernel. There are security...
CVE-2026-39603
Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Photography grandphotography allows Cross Site Request Forgery.This issue affects Grand Photography: from n/a through = 5.7.8...
CVE-2026-39613
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through = 2.3.3...
EUVD-2025-209401
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Case Themes Case Theme User allows PHP Local File Inclusion.This issue affects Case Theme User: from n/a before 1.0.4...
CVE-2025-5804
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Case Themes Case Theme User case-theme-user allows PHP Local File Inclusion.This issue affects Case Theme User: from n/a through 1.0.4...