Lucene search
+L

33 matches found

CVE
CVE
added 2025/08/16 3:38 a.m.28 views

CVE-2025-3671

CVE-2025-3671 concerns the WPGYM WordPress plugin (Gym Management System) with a Local File Inclusion vulnerability exploitable via the vulnerable parameter “page.” According to the primary sources, this affects all versions up to 67.7.0 and requires authentication at Subscriber level or higher; ...

8.8CVSS8.3AI score0.00693EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/16 3:38 a.m.4 views

CVE-2025-3671 WPGYM - Wordpress Gym Management System <= 67.7.0 - Authenticated (Subscriber+) Local File Inclusion to Privilege Escalation via Password Update

The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 67.7.0 via the 'page' parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrar...

8.8CVSS8.3AI score0.00693EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/08/14 11:12 p.m.8 views

WordPress BizCalendar Web plugin <= 1.1.0.50 - Authenticated (Contributor+) Local File Inclusion vulnerability

Authenticated Contributor+ Local File Inclusion vulnerability discovered by muhammad yudha in WordPress Plugin bizcalendar-web versions = 1.1.0.53...

7.5CVSS6.7AI score0.00597EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/07/22 11:43 a.m.6 views

WordPress CSS & JavaScript Toolbox plugin < 12.0.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Martin Herancourt in WordPress Plugin CSS & JavaScript Toolbox versions 12.0.3...

7.5CVSS6.9AI score0.00477EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/22 11:14 a.m.6 views

WordPress Support Board <= 3.8.0 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin Support Board versions = 3.8.0...

8.1CVSS6.8AI score0.00491EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/01 12:47 p.m.8 views

WordPress PrivateContent - Mail Actions plugin <= 2.3.2 - Local File Inclusion vulnerability

WordPress PrivateContent - Mail Actions plugin = 2.3.2 - Local File Inclusion vulnerability discovered by Bonds in WordPress Plugin PrivateContent - Mail Actions versions = 2.3.2...

7.5CVSS6.8AI score0.00422EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2025/06/27 11:52 a.m.15 views

CVE-2025-32298 WordPress CTUsers plugin <= 1.0.0 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Case-Themes CTUsers ctuser allows PHP Local File Inclusion.This issue affects CTUsers: from n/a through = 1.0.0...

7.5CVSS0.00422EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/06/05 12:16 a.m.7 views

WordPress WP Travel Engine plugin <= 6.5.1 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by muhammad yudha in WordPress Plugin WP Travel Engine versions = 6.5.1...

7.5CVSS6.7AI score0.00628EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/21 11:53 a.m.11 views

WordPress WP Event Manager plugin <= 3.1.51 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by LVT-tholv2k in WordPress Plugin WP Event Manager versions = 3.1.51...

8.1CVSS6.6AI score0.00434EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/16 12:53 p.m.7 views

WordPress WHMpress plugin <= 6.2-revision-9 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Plugin WHMpress versions = 6.2-revision-9...

8.1CVSS8.3AI score0.00366EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/16 12:53 p.m.7 views

WordPress WHMpress plugin <= 6.2-revision-9 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Plugin WHMpress versions = 6.2-revision-9...

7.5CVSS8.4AI score0.00376EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/08 12:19 p.m.7 views

WordPress WP Job Portal plugin <= 2.3.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin WP Job Portal versions = 2.3.1...

9.8CVSS8.4AI score0.00585EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/05/07 12:39 p.m.13 views

WordPress XT Event Widget for Social Events plugin <= 1.1.7 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by timomangcut in WordPress Plugin XT Event Widget for Social Events versions = 1.1.7...

8.8CVSS8.2AI score0.00549EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2025/04/17 3:15 p.m.21 views

CVE-2025-39452 WordPress WPCafe plugin <= 2.2.32 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Arraytics WPCafe wp-cafe allows PHP Local File Inclusion.This issue affects WPCafe: from n/a through = 2.2.32...

7.5CVSS0.00686EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/17 2:19 p.m.7 views

WordPress WPAMS plugin <= 44.0 - Local File Inclusion to Privilege Escalation vulnerability

Local File Inclusion to Privilege Escalation vulnerability discovered by Aiden Thái An in WordPress Plugin WPAMS versions = 44.0...

9.8CVSS8.3AI score0.00435EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/16 5:39 p.m.7 views

WordPress Modal Survey plugin <= 2.0.2.0.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin Modal Survey versions = 2.0.2.0.1...

9.8CVSS8.4AI score0.00622EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/04/16 1:15 p.m.11 views

CVE-2025-39592

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Shuffle Subscribe to Unlock Lite subscribe-to-unlock-lite allows PHP Local File Inclusion.This issue affects Subscribe to Unlock Lite: from n/a through = 1.3.0...

7.5CVSS0.00778EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/15 6:50 a.m.7 views

WordPress hockeydata LOS plugin <= 1.2.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin hockeydata LOS versions = 1.2.4...

7.5CVSS8.3AI score0.0051EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/11 12:21 p.m.7 views

WordPress Coming Soon, Maintenance Mode plugin <= 1.1.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Coming Soon, Maintenance Mode versions = 1.1.1...

7.5CVSS8.3AI score0.0051EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/10 2:50 p.m.10 views

WordPress Ray Enterprise Translation plugin <= 1.7.0 - Local File Inclusion via CSRF Vulnerability

Local File Inclusion via CSRF Vulnerability discovered by astra.r3verii in WordPress Plugin Ray Enterprise Translation versions = 1.7.0...

7.5CVSS8.2AI score0.00629EPSS
Exploits0Affected Software1
Rows per page
Query Builder