263044 matches found
CVE-2025-69112 WordPress Planty theme <= 1.14.0 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Planty = 1.14.0 versions...
CVE-2025-69109 WordPress Raider Spirit theme <= 1.1.2 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Raider Spirit = 1.1.2 versions...
CVE-2025-69109
Technical details for CVE-2025-69109 are not provided in the supplied documents. No affected versions, root cause, impact, or remediation are stated here. Monitor for updates from the connected sources.
CVE-2025-69107 WordPress Rosaleen theme <= 2.8 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Rosaleen = 2.8 versions...
CVE-2025-69108 WordPress Hot Coffee theme <= 1.7 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Hot Coffee = 1.7 versions...
CVE-2025-69108
CVE-2025-69108 is an unauthenticated PHP Object Injection in the WordPress theme Hot Coffee (<= 1.7). The description specifies unauthenticated object injection in Hot Coffee
CVE-2025-69107
Technical details about CVE-2025-69107 (affected product/version, root cause, exploitability, impact, fixes) are not provided in the connected documents. Monitor for updates.
CVE-2025-69105 WordPress Modernee theme <= 1.6.0 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Modernee = 1.6.0 versions...
CVE-2025-69105
Technical details (affected versions beyond Modernee
CVE-2025-69103
CVE-2025-69103 affects WordPress Brikk theme ≤ 3.0.0. According to the records, a Subscriber can cause Arbitrary Content Deletion. CVSS 3.1 base score 7.5 (HIGH) with NETWORK attack vector, Low attack complexity, no privileges required, no user interaction, availability impact. No root-cause deta...
CVE-2025-69104 WordPress Qreatix theme <= 1.9.4 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Qreatix = 1.9.4 versions...
CVE-2025-69104
Technical details for CVE-2025-69104 are not provided in the connected documents. Monitor for updates.
CVE-2025-69103 WordPress Brikk theme <= 3.0.0 - Arbitrary Content Deletion vulnerability
Subscriber Arbitrary Content Deletion in Brikk = 3.0.0 versions...
CVE-2025-60085
CVE-2025-60085 : Unauthenticated Local File Inclusion in the WordPress Learnify theme (versions
CVE-2025-58924 WordPress Geya theme <= 1.15 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Geya = 1.15 versions...
CVE-2025-58924
Technical details for CVE-2025-58924 are not provided in the supplied documents. No specifics on affected versions beyond
CVE-2025-60085 WordPress Learnify theme <= 1.15.0 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Learnify = 1.15.0 versions...
CVE-2026-54194 WordPress Fusion Builder plugin <= 3.15.4 - PHP Object Injection vulnerability
Contributor PHP Object Injection in Fusion Builder = 3.15.4 versions...
CVE-2026-54194
CVE-2026-54194 concerns the WordPress Fusion Builder plugin, affected versions ≤ 3.15.4, with a PHP Object Injection vulnerability identified in the CVE record. The provided information confirms the affected component (Fusion Builder), the vulnerable version range, and the nature of the issue (PH...
CVE-2026-40750
CVE-2026-40750 : The WordPress Kids Online Store theme (versions up to 0.8.9) is affected by an arbitrary file upload vulnerability described as Unrestricted Upload of File with Dangerous Type, enabling upload of a web shell to the web server. Connected documents corroborate the issue and specify...