CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

CVE•added 2026/03/19 2:49 p.m.•10 views

CVE-2026-27043

CVE-2026-27043 affects the WordPress Photography theme (ThemeGoods Photography). The vulnerability is described as an authenticated (Editor+) Arbitrary File Upload vulnerability that arises in Photography versions up to 7.7.5, with public notes indicating exposure risk and path traversal implicat...

7.2CVSS5.2AI score0.00021EPSS

Exploits0References1

Cvelist•added 2026/03/19 2:49 p.m.•19 views

CVE-2026-27043 WordPress Photography theme < 7.7.6 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in ThemeGoods Photography allows Path Traversal.This issue affects Photography: from n/a before 7.7.6...

7.2CVSS0.00021EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•3 views

CVE-2026-27348 WordPress Photography theme < 7.7.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Photography photography allows DOM-Based XSS.This issue affects Photography: from n/a through 7.7.6...

7.1CVSS5.2AI score0.00045EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•7 views

CVE-2026-27348

CVE-2026-27348 affects ThemeGoods Photography (WordPress theme). The issue is an improper neutralization of input during web page generation, enabling DOM-based XSS. Affected: Photography theme versions before 7.7.6 (per CVE entry; related sources reference Photography ≤ 7.6.x/7.7.6). Impact is D...

7.1CVSS5.2AI score0.00045EPSS

Exploits0References1

Vulnrichment•added 2026/01/22 4:52 p.m.•2 views

CVE-2025-68510 WordPress Photography theme < 7.7.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeGoods Photography photography allows PHP Local File Inclusion.This issue affects Photography: from n/a through 7.7.5...

5.9AI score0.00222EPSS

Exploits0References1

CVE•added 2026/01/22 4:52 p.m.•9 views

CVE-2025-68510

CVE-2025-68510 is a Local File Inclusion flaw in the ThemeGoods Photography (WordPress Photography) theme prior to version 7.7.5, caused by improper filename control in include/require statements for PHP. This vulnerability can lead to reading local files on the server (as described as PHP Local ...

8.1CVSS5.5AI score0.00222EPSS

Exploits0References1

Cvelist•added 2025/06/06 11:45 a.m.•6 views

CVE-2025-47584 WordPress Photography theme <= 7.5.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeGoods Photography.This issue affects Photography: from n/a through 7.5.2...

8.5CVSS0.00253EPSS

Exploits0References1

Patchstack•added 2025/05/22 11:28 a.m.•3 views

WordPress Photography Theme <= 7.7.2 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme Photography versions = 7.7.2...

8.5CVSS7.2AI score0.00253EPSS

Exploits0Affected Software1

Cvelist•added 2025/02/14 12:45 p.m.•17 views

CVE-2025-22702 WordPress Photography Theme <= 7.7.2 - Broken Access Control Vulnerability

Missing Authorization vulnerability in ThemeGoods Photography photography allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Photography: from n/a through = 7.7.2...

6.3CVSS0.00057EPSS

Exploits0References1

Vulnrichment•added 2025/02/14 12:45 p.m.•5 views

CVE-2025-22702 WordPress Photography Theme <= 7.7.2 - Broken Access Control Vulnerability

6.3CVSS7.2AI score0.00057EPSS

Exploits0References1

Patchstack•added 2025/01/31 1:31 p.m.•3 views

WordPress Photography Theme <= 7.7.2 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme Photography versions = 7.7.2...

6.3CVSS6.9AI score0.00057EPSS

Exploits0Affected Software1

Rows per page