WordPress 69 Clothing Theme <= 1.2.11 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme 69 Clothing versions = 1.2.11...

WordPress MediaFlex Theme <= 1.3.0 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Theme MediaFlex versions = 1.3.0...

WordPress Lab Theme <= 1.0.0 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Theme Lab versions = 1.0.0...

WordPress AlphaColor Theme <= 1.4.11.1 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Bonds in WordPress Theme AlphaColor versions = 1.4.11.1...

WordPress Drone Media Theme <= 2.2.0 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Bonds in WordPress Theme Drone Media versions = 2.2.0...

WordPress Booklovers Theme <= 2.13 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Bonds in WordPress Theme Booklovers versions = 2.13...

WordPress Qwery Theme <= 3.4.1 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Bonds Patchstack Alliance in WordPress Theme Qwery versions = 3.4.1...

WordPress Anesta Theme <= 1.2.1 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Bonds in WordPress Theme Anesta versions = 1.2.1...

WordPress ProRange Theme <= 2.3 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Bonds in WordPress Theme ProRange versions = 2.3...

WordPress AI ANN Theme <= 1.1.0 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Bonds in WordPress Theme AI ANN versions = 1.1.0...

WordPress HotLock Theme <= 1.3.9 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Bonds in WordPress Theme HotLock versions = 1.3.9...

WordPress Let's Play Theme <= 1.1.14 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh in WordPress Theme Let's Play versions = 1.1.14...

WordPress Good Wine Theme <= 1.1.10 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh in WordPress Theme Good Wine versions = 1.1.10...

WordPress Custom Made Theme <= 1.1.17 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh in WordPress Theme Custom Made versions = 1.1.17...

WordPress Hampton Theme <= 1.3.3 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh in WordPress Theme Hampton versions = 1.3.3...

WordPress Smart Casa Theme <= 1.0.11 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Smart Casa versions = 1.0.11...

WordPress Podium Theme <= 1.1.13 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Podium versions = 1.1.13...

WordPress Vagabonds Theme <= 1.3.10 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Vagabonds versions = 1.3.10...

WordPress Tantra Theme <= 2.1.0 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Tantra versions = 2.1.0...

WordPress PathWell Theme <= 1.1.16 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme PathWell versions = 1.1.16...

WordPress Camelia Theme <= 1.2.13 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Camelia versions = 1.2.13...

WordPress Callie Britt Theme <= 1.2.3 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Callie Britt versions = 1.2.3...

WordPress Fortunio Theme <= 2.3 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Bonds in WordPress Theme Fortunio versions = 2.3...

WordPress A.Williams Theme <= 1.3.0 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme A.Williams versions = 1.3.0...

WordPress Gutentype Theme <= 2.1.11 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Bonds in WordPress Theme Gutentype versions = 2.1.11...

WordPress Edema Theme <= 1.2.1 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Edema versions = 1.2.1...

WordPress WotaHub Theme <= 1.2.2 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme WotaHub versions = 1.2.2...

WordPress Hello Summer Theme <= 1.1.3 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Hello Summer versions = 1.1.3...

WordPress Portfolio Manager Lite plugin <= 1.20 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Portfolio Manager Lite versions = 1.20...

WordPress Woocommerce Sales Funnel Builder plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin Woocommerce Sales Funnel Builder versions = 1.1...

WordPress Premium Age Verification / Restriction for WordPress Plugin <= 3.0.2 - Privilege Escalation Vulnerability

Privilege Escalation Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin Premium Age Verification / Restriction for WordPress versions = 3.0.2...

WordPress ZIP Code Based Content Protection plugin <= 1.0.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by RoyTdd in WordPress Plugin ZIP Code Based Content Protection versions = 1.0.0...

WordPress Goza Theme <= 3.2.2 is vulnerable to Arbitrary File Upload

Software Goza Type Theme Vulnerable versions = 3.2.2 Fixed in 3.2.3 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2025-5394 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 66a283dd0c55 Credits GR0V Required privilege Unauthenticated Published 8...

WordPress Doccure Theme <= 1.4.8 is vulnerable to Arbitrary File Upload

Software Doccure Type Theme Vulnerable versions = 1.4.8 Fixed in N/A OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2025-9112 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 66ae90b5e147 Credits István Márton Required privilege Subscriber Publish...

WordPress Goza Theme 3.2.2 is vulnerable to Arbitrary File Deletion

Software Goza Type Theme Vulnerable versions 3.2.2 Fixed in 3.2.3 OWASP Top 10 A1: Injection Classification Arbitrary File Deletion CVE CVE-2025-10134 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID 14b5ad5ea9b5 Credits Thái An Required privilege Unauthenticated Publishe...

WordPress Ditty Plugin < 3.1.58 is vulnerable to Server Side Request Forgery (SSRF)

Software Ditty Type Plugin Vulnerable versions 3.1.58 Fixed in 3.1.58 OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2025-8085 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID 6412178a9851 Credits Dmitrii Ignatyev Required privilege...

WordPress Doccure Theme <= 1.4.8 is vulnerable to Broken Authentication

Software Doccure Type Theme Vulnerable versions = 1.4.8 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2025-9114 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID ed52533a6b26 Credits István Márton...

WordPress Doccure Theme <= 1.4.8 is vulnerable to Arbitrary File Upload

Software Doccure Type Theme Vulnerable versions = 1.4.8 Fixed in N/A OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2025-9113 Patch priority High CVSS severity High 10 Developer Claim ownership PSID a390d4c607ad Credits István Márton Required privilege Unauthenticated...

WordPress Edema Theme <= 1.2.1 is vulnerable to Local File Inclusion

Software Edema Type Theme Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID d74815f7d811 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

WordPress A.Williams Theme <= 1.3.0 is vulnerable to Local File Inclusion

Software A.Williams Type Theme Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID e62a941b1ab1 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

WordPress Gutentype Theme <= 2.1.11 is vulnerable to Local File Inclusion

Software Gutentype Type Theme Vulnerable versions = 2.1.11 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 42f4a10f514e Credits Bonds Required privilege Unauthenticated Publish...

WordPress Hello Summer Theme <= 1.1.3 is vulnerable to Local File Inclusion

Software Hello Summer Type Theme Vulnerable versions = 1.1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 5d077134b304 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunit...

WordPress WotaHub Theme <= 1.2.2 is vulnerable to Local File Inclusion

Software WotaHub Type Theme Vulnerable versions = 1.2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 0b2e70b3d1c4 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

WordPress Crework Theme <= 1.1.11 is vulnerable to Local File Inclusion

Software Crework Type Theme Vulnerable versions = 1.1.11 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 2d989cca5228 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

WordPress 69 Clothing Theme <= 1.2.11 is vulnerable to Local File Inclusion

Software 69 Clothing Type Theme Vulnerable versions = 1.2.11 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID d2c943f4cc66 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunit...

WordPress MediaFlex Theme <= 1.3.0 is vulnerable to Local File Inclusion

Software MediaFlex Type Theme Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 464e3d98edb3 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

WordPress Lab Theme <= 1.0.0 is vulnerable to Local File Inclusion

Software Lab Type Theme Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID a830ef2cbee5 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity Require...

WordPress AlphaColor Theme <= 1.4.11.1 is vulnerable to Local File Inclusion

Software AlphaColor Type Theme Vulnerable versions = 1.4.11.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 64fc4d9d2990 Credits Bonds Required privilege Unauthenticated...

WordPress Drone Media Theme <= 2.2.0 is vulnerable to Local File Inclusion

Software Drone Media Type Theme Vulnerable versions = 2.2.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID eedad8a1091f Credits Bonds Required privilege Unauthenticated...

WordPress Booklovers Theme <= 2.13 is vulnerable to Local File Inclusion

Software Booklovers Type Theme Vulnerable versions = 2.13 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 32013fcc5a21 Credits Bonds Required privilege Unauthenticated Publishe...