3 matches found
CVE-2025-60055 WordPress Fabrica theme <= 1.8.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Fabrica fabrica allows PHP Local File Inclusion.This issue affects Fabrica: from n/a through = 1.8.1...
CVE-2025-60055
CVE-2025-60055 : WordPress Fabrica theme
WordPress Fabrica Synced Pattern Instances Plugin <= 1.0.8 is vulnerable to Cross Site Scripting (XSS)
Software Fabrica Synced Pattern Instances Type Plugin Vulnerable versions = 1.0.8 Fixed in 1.0.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51695 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0fa9f1896c6c Credits João Pedro S...