CVE-2025-60206 WordPress Alone theme <= 7.8.3 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Beplusthemes Alone alone allows Code Injection.This issue affects Alone: from n/a through = 7.8.3...

CVE-2025-60206 WordPress Alone theme <= 7.8.3 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Beplusthemes Alone alone allows Code Injection.This issue affects Alone: from n/a through = 7.8.3...

CVE-2025-54019 WordPress Alone < 7.8.5 - Arbitrary Code Execution Vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Beplusthemes Alone alone allows Code Injection.This issue affects Alone: from n/a through 7.8.5...

CVE-2025-54019 WordPress Alone < 7.8.5 - Arbitrary Code Execution Vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Beplusthemes Alone alone allows Code Injection.This issue affects Alone: from n/a through 7.8.5...

WordPress Alone Theme 7.8.3 Arbitrary Plugin Upload

WordPress Alone Theme versions 7.8.3 and below suffer from an arbitrary plugin upload vulnerability...

WordPress Alone < 7.8.5 - Arbitrary Code Execution Vulnerability

Arbitrary Code Execution Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Alone versions 7.8.5...

WordPress Alone theme <= 7.8.3 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Alone versions = 7.8.3...

WordPress Alone theme <= 7.8.3 - Missing Authorization to Unauthenticated Arbitrary File Upload via Plugin Installation vulnerability

Missing Authorization to Unauthenticated Arbitrary File Upload via Plugin Installation vulnerability discovered by Thái An in WordPress Theme Alone versions = 7.8.3...

WordPress Alone theme <= 7.8.3 - Missing Authorization to Unauthenticated Arbitrary File Deletion vulnerability

Missing Authorization to Unauthenticated Arbitrary File Deletion vulnerability discovered by Thái An in WordPress Theme Alone versions = 7.8.2...

WordPress Alone Code Injection Vulnerability

WordPress Alone is a theme designed for nonprofit organizations, primarily for the WordPress platform. WordPress Alone suffers from a code injection vulnerability that stems from improper code generation controls, no details of the vulnerability are provided at this time...

CVE-2025-52718

The CVE-2025-52718 entry concerns WordPress Alone (Bearsthemes Alone) with an improper control of generation of code, enabling remote code inclusion and arbitrary code execution. Affected: Alone theme versions n/a through 7.8.2. Root cause: Code generation control weaknesses allow injected code t...

CVE-2025-52718 WordPress Alone <= 7.8.2 - Arbitrary Code Execution Vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Bearsthemes Alone allows Remote Code Inclusion. This issue affects Alone: from n/a through 7.8.2...

WordPress plugin Alone 代码注入漏洞

WordPress Alone is a theme designed for nonprofit organizations, primarily for the WordPress platform. WordPress Alone suffers from a code injection vulnerability that stems from improper code generation controls, no details of the vulnerability are provided at this time...