CVE-2026-28050

CVE-2026-28050 refers to a Local File Inclusion in the ThemeREX Beacon WordPress theme (beacon)

CVE-2026-28050 WordPress Beacon theme <= 2.24 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Beacon beacon allows PHP Local File Inclusion.This issue affects Beacon: from n/a through = 2.24...

WordPress Beacon theme <= 2.24 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Beacon versions = 2.24...

CVE-2025-47596 WordPress Beacon Lead Magnets and Lead Capture plugin <= 1.5.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Syed Balkhi Beacon Lead Magnets and Lead Capture beacon-by allows Cross Site Request Forgery.This issue affects Beacon Lead Magnets and Lead Capture: from n/a through = 1.5.8...

CVE-2025-24637 WordPress Beacon Lead Magnets and Lead Capture Plugin <= 1.5.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi Beacon Lead Magnets and Lead Capture beacon-by allows Reflected XSS.This issue affects Beacon Lead Magnets and Lead Capture: from n/a through = 1.5.7...

WordPress Beacon For Help Scout Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Beacon For Help Scout Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51828 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 28de7e29c4c2 Credits SOPROBRO Required privilege...