4 matches found
CVE-2026-39613 WordPress Boutique theme <= 2.3.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through = 2.3.3...
CVE-2026-39613 WordPress Boutique theme <= 2.3.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through = 2.3.3...
CVE-2026-39613
CVE-2026-39613 concerns a Local File Inclusion in the WordPress Boutique theme by Kutethemes (kute-boutique). All connected sources consistently describe an improper control of the filename used by PHP include/require, enabling LFI. Affected software: Boutique theme versions up to and including 2...
CVE-2026-25342 WordPress Boutique theme < 2.4.6 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kutethemes Boutique kute-boutique allows Reflected XSS.This issue affects Boutique: from n/a through 2.4.6...