Search
Search Results (85322 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-26240 | 1 Jazzcore | 1 Python-pdfkit | 2026-06-26 | 8.4 High |
| In JazzCore python-pdfkit 1.0.0, the from_string method enables the execution of JavaScript code within the context of the server application and the exfiltration of local files. | ||||
| CVE-2025-58952 | 2 Themerex, Wordpress | 2 Neuronet, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Neuronet < 1.14.0 versions. | ||||
| CVE-2025-58953 | 2 Themerex, Wordpress | 2 Joly, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Joly <= 1.22.0 versions. | ||||
| CVE-2025-58954 | 2 Themerex, Wordpress | 2 Homeroofer, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in HomeRoofer <= 2.11.0 versions. | ||||
| CVE-2025-69117 | 2 Themerex, Wordpress | 2 Ingenioso, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Ingenioso <= 1.14.0 versions. | ||||
| CVE-2025-69145 | 2 Themerex, Wordpress | 2 Gat, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Gat <= 1.16 versions. | ||||
| CVE-2025-69148 | 2 Themerex, Wordpress | 2 Quirky, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Quirky <= 1.23 versions. | ||||
| CVE-2025-69172 | 2 Themerex, Wordpress | 2 Resurs, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Resurs <= 1.3 versions. | ||||
| CVE-2025-69173 | 2 Themerex, Wordpress | 2 Tipsy, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Tipsy <= 1.1 versions. | ||||
| CVE-2026-22325 | 2 Axiomthemes, Wordpress | 2 Promo, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Promo <= 1.3.0 versions. | ||||
| CVE-2026-22326 | 2 Axiomthemes, Wordpress | 2 Reprizo, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Reprizo <= 1.0.8 versions. | ||||
| CVE-2026-22330 | 2 Themeum, Wordpress | 2 Right Way, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Right Way <= 4.0 versions. | ||||
| CVE-2026-22331 | 2 Themerex, Wordpress | 2 Autoparts, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in AutoParts <= 1.5.8 versions. | ||||
| CVE-2026-22338 | 2 Themerex, Wordpress | 2 Ecoblue, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in EcoBlue <= 1.15 versions. | ||||
| CVE-2026-39558 | 2 Elated-themes, Wordpress | 2 Malmö, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Malmö <= 2.2 versions. | ||||
| CVE-2026-40731 | 1 Mikado-themes | 2 Chapterone, Halstein | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in ChapterOne <= 1.7 versions. | ||||
| CVE-2026-40735 | 2 Edge-themes, Wordpress | 2 Reina, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in Reina <= 2.1 versions. | ||||
| CVE-2025-31013 | 2 Themify, Wordpress | 2 Themify Folo, Wordpress | 2026-06-26 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themify Folo allows Reflected XSS. This issue affects Themify Folo: from n/a through 1.9.6. | ||||
| CVE-2025-69106 | 2 Themerex, Wordpress | 2 Imba, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Imba <= 1.5.0 versions. | ||||
| CVE-2025-69120 | 2 Themerex, Wordpress | 2 Dazzle, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Dazzle <= 1.0.0 versions. | ||||