26 matches found
CVE-2026-27419
Subscriber Arbitrary File Upload in Zegen = 1.1.9 versions...
CVE-2026-27419
CVE-2026-27419 affects WordPress Zegen theme versions
CVE-2026-27419 WordPress Zegen theme <= 1.1.9 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in Zegen = 1.1.9 versions...
CVE-2025-11087
The Zegen Core plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 2.0.1. This is due to missing nonce validation and missing file type validation in the '/custom-font-code/custom-fonts-uploads.php' file. This makes it possib...
CVE-2025-11087 Zegen Core <= 2.0.1 - Cross-Site Request Forgery to Arbitrary File Upload
The Zegen Core plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 2.0.1. This is due to missing nonce validation and missing file type validation in the '/custom-font-code/custom-fonts-uploads.php' file. This makes it possib...
CVE-2025-11087 Zegen Core <= 2.0.1 - Cross-Site Request Forgery to Arbitrary File Upload
The Zegen Core plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 2.0.1. This is due to missing nonce validation and missing file type validation in the '/custom-font-code/custom-fonts-uploads.php' file. This makes it possib...
EUVD-2025-198511
The Zegen Core plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 2.0.1. This is due to missing nonce validation and missing file type validation in the '/custom-font-code/custom-fonts-uploads.php' file. This makes it possib...
CVE-2025-11087
CVE-2025-11087 (Zegen Core, WordPress) : Zegen Core plugin
WordPress Zegen Core plugin <= 2.0.1 - Cross-Site Request Forgery to Arbitrary File Upload vulnerability
Cross-Site Request Forgery to Arbitrary File Upload vulnerability discovered by István Márton - Wordfence in WordPress Plugin Zegen Core versions = 2.0.1...
PT-2025-47802
Name of the Vulnerable Software and Affected Versions Zegen Core versions prior to 2.0.1 Description The Zegen Core plugin for WordPress is susceptible to a Cross-Site Request Forgery CSRF issue leading to Arbitrary File Upload. This is caused by a lack of nonce validation and file type validatio...
WordPress plugin Zegen Core 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
CVE-2025-53252
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in zozothemes Zegen zegen allows PHP Local File Inclusion.This issue affects Zegen: from n/a through = 1.1.9...
CVE-2025-53252
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in zozothemes Zegen zegen allows PHP Local File Inclusion.This issue affects Zegen: from n/a through = 1.1.9...
EUVD-2025-37998
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in zozothemes Zegen zegen allows PHP Local File Inclusion.This issue affects Zegen: from n/a through = 1.1.9...
CVE-2025-53252 WordPress Zegen Theme <= 1.1.9 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in zozothemes Zegen zegen allows PHP Local File Inclusion.This issue affects Zegen: from n/a through = 1.1.9...
CVE-2025-53252 WordPress Zegen Theme <= 1.1.9 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in zozothemes Zegen zegen allows PHP Local File Inclusion.This issue affects Zegen: from n/a through = 1.1.9...
CVE-2025-53252
CVE-2025-53252 concerns WordPress Zegen Theme
WordPress plugin Zegen 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
PT-2025-45223
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in zozothemes Zegen zegen allows PHP Local File Inclusion.This issue affects Zegen: from n/a through = 1.1.9...
WordPress Zegen Theme <= 1.1.9 - Local File Inclusion Vulnerability
Local File Inclusion Vulnerability discovered by Bonds in WordPress Theme Zegen versions = 1.1.9...