Total
323374 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-58950 | 1 Wordpress | 1 Wordpress | 2025-12-19 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Lione lione allows PHP Local File Inclusion.This issue affects Lione: from n/a through <= 1.16. | ||||
| CVE-2025-60060 | 1 Wordpress | 1 Wordpress | 2025-12-19 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Pubzinne pubzinne allows PHP Local File Inclusion.This issue affects Pubzinne: from n/a through <= 1.0.12. | ||||
| CVE-2025-58937 | 1 Wordpress | 1 Wordpress | 2025-12-19 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Tacticool tacticool allows PHP Local File Inclusion.This issue affects Tacticool: from n/a through <= 1.0.13. | ||||
| CVE-2025-64217 | 1 Wordpress | 1 Wordpress | 2025-12-19 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Photography photography allows Reflected XSS.This issue affects Photography: from n/a through <= 7.7.2. | ||||
| CVE-2025-6324 | 1 Wordpress | 1 Wordpress | 2025-12-19 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MatrixAddons Easy Invoice easy-invoice allows DOM-Based XSS.This issue affects Easy Invoice: from n/a through <= 2.0.9. | ||||
| CVE-2025-58949 | 1 Wordpress | 1 Wordpress | 2025-12-19 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Spock spock allows PHP Local File Inclusion.This issue affects Spock: from n/a through <= 1.17. | ||||
| CVE-2025-60050 | 1 Wordpress | 1 Wordpress | 2025-12-19 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Panda panda allows PHP Local File Inclusion.This issue affects Panda: from n/a through <= 1.21. | ||||
| CVE-2025-60080 | 1 Wordpress | 1 Wordpress | 2025-12-19 | 7.5 High |
| Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Gravity Forms + Drag And Drop Template Builder pdf-for-gravity-forms allows Object Injection.This issue affects PDF for Gravity Forms + Drag And Drop Template Builder: from n/a through <= 6.3.0. | ||||
| CVE-2025-58940 | 1 Wordpress | 1 Wordpress | 2025-12-19 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Basil basil allows PHP Local File Inclusion.This issue affects Basil: from n/a through <= 1.3.12. | ||||
| CVE-2025-60077 | 1 Wordpress | 1 Wordpress | 2025-12-19 | 7.5 High |
| Missing Authorization vulnerability in YayCommerce YayPricing yaypricing allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects YayPricing: from n/a through <= 3.5.3. | ||||
| CVE-2025-58943 | 1 Wordpress | 1 Wordpress | 2025-12-19 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Agricola agricola allows PHP Local File Inclusion.This issue affects Agricola: from n/a through <= 1.1.0. | ||||
| CVE-2025-64193 | 2 8theme, Wordpress | 2 Xstore, Wordpress | 2025-12-19 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in 8theme XStore xstore allows PHP Local File Inclusion.This issue affects XStore: from n/a through < 9.6.1. | ||||
| CVE-2025-64266 | 2 Magepeople, Wordpress | 2 Booking & Rental Manager, Wordpress | 2025-12-19 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in magepeopleteam Booking and Rental Manager booking-and-rental-manager-for-woocommerce allows Object Injection.This issue affects Booking and Rental Manager: from n/a through <= 2.5.4. | ||||
| CVE-2025-60062 | 1 Wordpress | 1 Wordpress | 2025-12-19 | 9.4 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mmetrodw tPlayer tplayer-html5-audio-player-with-playlist allows SQL Injection.This issue affects tPlayer: from n/a through <= 1.2.1.6. | ||||
| CVE-2025-60051 | 1 Wordpress | 1 Wordpress | 2025-12-19 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Rare Radio rareradio allows PHP Local File Inclusion.This issue affects Rare Radio: from n/a through <= 1.0.15.1. | ||||
| CVE-2025-59134 | 1 Wordpress | 1 Wordpress | 2025-12-19 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in Jthemes Sale! Immigration law, Visa services support, Migration Agent Consulting immiex allows Privilege Escalation.This issue affects Sale! Immigration law, Visa services support, Migration Agent Consulting: from n/a through <= 1.5.8. | ||||
| CVE-2025-60046 | 1 Wordpress | 1 Wordpress | 2025-12-19 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes HeartStar heartstar allows PHP Local File Inclusion.This issue affects HeartStar: from n/a through <= 1.0.14. | ||||
| CVE-2025-60180 | 2 Crm Perks, Wordpress | 2 Wp Gravity Forms Hubspot, Wordpress | 2025-12-19 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Salesforce gf-salesforce-crmperks allows Object Injection.This issue affects WP Gravity Forms Salesforce: from n/a through <= 1.5.1. | ||||
| CVE-2025-64206 | 2 Tielabs, Wordpress | 2 Jannah, Wordpress | 2025-12-19 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in TieLabs Jannah jannah allows Object Injection.This issue affects Jannah: from n/a through <= 7.6.0. | ||||
| CVE-2025-58933 | 1 Wordpress | 1 Wordpress | 2025-12-19 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Anubis anubis allows PHP Local File Inclusion.This issue affects Anubis: from n/a through <= 1.25. | ||||