Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
8.1 HIGH
CVE-2025-69124 — WordPress Especio theme <= 1.0 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Especio <= 1.0 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
9.8 CRITICAL
CVE-2025-69122 — WordPress SeaFood Company theme <= 1.4 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in SeaFood Company <= 1.4 versions.

Remote | Injection
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69121 — WordPress Deliciosa theme <= 1.10.0 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Deliciosa <= 1.10.0 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69119 — WordPress Corbesier theme <= 1.15.0 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Corbesier <= 1.15.0 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69118 — WordPress CopyPress theme <= 1.4.5 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in CopyPress <= 1.4.5 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69116 — WordPress Iona theme <= 1.0.8 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Iona <= 1.0.8 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69114 — WordPress MaxiNet theme <= 1.2.10 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in MaxiNet <= 1.2.10 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69113 — WordPress Nexio theme <= 1.10.0 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Nexio <= 1.10.0 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69112 — WordPress Planty theme <= 1.14.0 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Planty <= 1.14.0 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69109 — WordPress Raider Spirit theme <= 1.1.2 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Raider Spirit <= 1.1.2 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
9.8 CRITICAL
CVE-2025-69108 — WordPress Hot Coffee theme <= 1.7 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Hot Coffee <= 1.7 versions.

Remote | Injection
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69107 — WordPress Rosaleen theme <= 2.8 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Rosaleen <= 2.8 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-69105 — WordPress Modernee theme <= 1.6.0 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Modernee <= 1.6.0 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
7.1 HIGH
CVE-2025-69104 — WordPress Qreatix theme <= 1.9.4 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting (XSS) in Qreatix <= 1.9.4 versions.

Remote | Cross-Site Scripting
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
7.5 HIGH
CVE-2025-69103 — WordPress Brikk theme <= 3.0.0 - Arbitrary Content Deletion vulnerability

Subscriber Arbitrary Content Deletion in Brikk <= 3.0.0 versions.

Remote | Authorization
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-60085 — WordPress Learnify theme <= 1.15.0 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Learnify <= 1.15.0 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
8.1 HIGH
CVE-2025-58924 — WordPress Geya theme <= 1.15 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Geya <= 1.15 versions.

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
9.8 CRITICAL
CVE-2026-54194 — WordPress Fusion Builder plugin <= 3.15.4 - PHP Object Injection vulnerability

Contributor PHP Object Injection in Fusion Builder <= 3.15.4 versions.

fusion_builder | Remote | Injection
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
9.3 CRITICAL
CVE-2026-48777 — FileBrowser Quantum: Path Traversal in public share PATCH allows file ops outside shared …

FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are vulnerable to Path Traversal through the publicPatchHandler in backen…

Remote | Path Traversal
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
7.8 HIGH
CVE-2026-47750 — stable-diffusion.cpp: Heap buffer overflow in GLOBAL opcode parsing for PyTorch checkpoin…

stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. In versions prior to master-584-0a7ae07, the pickle .…

| Memory Corruption
Jun 16, 2026 Jun 16, 2026
Jun 16, 2026
Jun 16, 2026
Showing 20 of 7616 Results