In SettingsLib, there is a possible way to disable system components due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed.…
Jun 17, 2026
Jun 18, 2026
Jun 17, 2026
Jun 18, 2026
CVE-2025-69179
— WordPress Support Ticket Management System plugin <= 1.9 - Privilege Escalation vulnerabi…
Unauthenticated Privilege Escalation in Support Ticket Management System <= 1.9 versions.
Remote
|
Authorization
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69178
— WordPress Truemag theme <= 4.3.14.2 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Truemag <= 4.3.14.2 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69177
— WordPress Roneous theme <= 2.1.5 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Roneous <= 2.1.5 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69176
— WordPress ITactics theme <= 1.0 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in ITactics <= 1.0 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69173
— WordPress Tipsy theme <= 1.1 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Tipsy <= 1.1 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69172
— WordPress Resurs theme <= 1.3 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Resurs <= 1.3 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69171
— WordPress Orpheus theme <= 1.3 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Orpheus <= 1.3 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69168
— WordPress Spike theme <= 1.2 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Spike <= 1.2 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69167
— WordPress Eros theme <= 1.3 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Eros <= 1.3 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69165
— WordPress Choreo theme <= 1.6 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Choreo <= 1.6 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69163
— WordPress WineShop theme <= 3.17 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in WineShop <= 3.17 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69162
— WordPress Grecko theme <= 5.17 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Grecko <= 5.17 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69161
— WordPress Snowy theme <= 1.13 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Snowy <= 1.13 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69160
— WordPress Gita theme <= 1.11 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Gita <= 1.11 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69159
— WordPress Printo theme <= 1.11 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Printo <= 1.11 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69151
— WordPress Grand Car Rental theme <= 3.7 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting (XSS) in Grand Car Rental <= 3.7 versions.
Remote
|
Cross-Site Scripting
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69150
— WordPress Medeus theme <= 1.14 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Medeus <= 1.14 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69149
— WordPress Top Dog theme <= 1.0.5 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Top Dog <= 1.0.5 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69148
— WordPress Quirky theme <= 1.23 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Quirky <= 1.23 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026