WordPress Wise Move Theme <= 1.1.15 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Wise Move versions = 1.1.15...

WordPress ChainPress Theme <= 1.0.14 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme ChainPress versions = 1.0.14...

WordPress Albertino Theme <= 2.17.0.0 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Albertino versions = 2.17.0.0...

WordPress ProDent Theme <= 1.5.9 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Bonds Patchstack Alliance in WordPress Theme ProDent versions = 1.5.9...

WordPress Healthy Blog Theme <= 1.2.8 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Healthy Blog versions = 1.2.8...

WordPress Credit Card Experience Theme <= 1.2.15 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Credit Card Experience versions = 1.2.15...

WordPress Lab Theme <= 1.0.0 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Theme Lab versions = 1.0.0...

WordPress ProRange Theme <= 2.3 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Bonds in WordPress Theme ProRange versions = 2.3...

WordPress Custom Made Theme <= 1.1.17 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh in WordPress Theme Custom Made versions = 1.1.17...

CVE-2025-8359

The AdForest theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 6.0.9. This is due to the plugin not properly verifying a user's identity prior to authenticating them. This makes it possible for unauthenticated attackers to log in as other users,...

CVE-2025-7368

The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is vulnerable to Information Exposure in all versions up to, and including, 19.9.7 via the 'ajaxactionregetfullcontent' function due to insufficient restrictions on which posts can be included. This makes i...

CVE-2025-7366

The The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 19.9.7. This is due to the software allowing users to execute an action that does not properly validate a value befor...

WordPress PathWell Theme <= 1.1.16 is vulnerable to Local File Inclusion

Software PathWell Type Theme Vulnerable versions = 1.1.16 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 48d7c14445e6 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

WordPress AlphaColor Theme <= 1.4.11.1 is vulnerable to Local File Inclusion

Software AlphaColor Type Theme Vulnerable versions = 1.4.11.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 64fc4d9d2990 Credits Bonds Required privilege Unauthenticated...

WordPress Gutentype Theme <= 2.1.11 is vulnerable to Local File Inclusion

Software Gutentype Type Theme Vulnerable versions = 2.1.11 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 42f4a10f514e Credits Bonds Required privilege Unauthenticated Publish...

WordPress Anesta Theme <= 1.2.1 is vulnerable to Local File Inclusion

Software Anesta Type Theme Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID f2fff1320acd Credits Bonds Required privilege Unauthenticated Published 8...

WordPress HotLock Theme <= 1.3.9 is vulnerable to Local File Inclusion

Software HotLock Type Theme Vulnerable versions = 1.3.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 457feca0b67b Credits Bonds Required privilege Unauthenticated Published ...

WordPress Smart Casa Theme <= 1.0.11 is vulnerable to Local File Inclusion

Software Smart Casa Type Theme Vulnerable versions = 1.0.11 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID fbd7731da0a1 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

WordPress ProGuards Theme <= 2.13.0 is vulnerable to Local File Inclusion

Software ProGuards Type Theme Vulnerable versions = 2.13.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 854fcc2996a0 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

WordPress Albertino Theme <= 2.17.0.0 is vulnerable to Local File Inclusion

Software Albertino Type Theme Vulnerable versions = 2.17.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 40ad094b629a Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunit...