CVE-2025-69082 WordPress Arlo theme <= 6.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Frenify Arlo arlo allows Reflected XSS.This issue affects Arlo: from n/a through = 6.0.3...

CVE-2025-69082

CVE-2025-69082 is a Reflected XSS vulnerability in the Frenify Arlo WordPress theme (Arlo: n/a through 6.0.3). Public sources (Red Hat advisory and the WordPress vulnerability listing) confirm the issue affects Arlo and note the patch status as Unpatched. Technical details in connected materials ...

CVE-2025-69082 WordPress Arlo theme <= 6.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Frenify Arlo arlo allows Reflected XSS.This issue affects Arlo: from n/a through = 6.0.3...

CVE-2025-39475 WordPress Arlo theme <= 6.0.3 - Local File Inclusion Vulnerability

Path Traversal: '.../...//' vulnerability in Frenify Arlo arlo allows PHP Local File Inclusion.This issue affects Arlo: from n/a through = 6.0.3...

CVE-2025-39475

CVE-2025-39475 affects the WordPress Arlo plugin/theme up to version 6.0.3, with an unauthenticated path traversal that enables PHP local file inclusion. Public sources indicate this is currently unpatched (per Wordfence details for Arlo ≤ 6.0.3). The CNVD entry describes the same path traversal ...

CVE-2025-39475 WordPress Arlo <= 6.0.3 - Local File Inclusion Vulnerability

Path Traversal vulnerability in Frenify Arlo allows PHP Local File Inclusion. This issue affects Arlo: from n/a through 6.0.3...

WordPress Arlo Theme <= 6.0.3 is vulnerable to Local File Inclusion

Software Arlo Type Theme Vulnerable versions = 6.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-39475 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID eaea2827ac9d Credits Bonds Required privilege Unauthenticated Published 3...