CVE-2025-69112
— WordPress Planty theme <= 1.14.0 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Planty <= 1.14.0 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69110
— WordPress AirSupply theme <= 2.0.0 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in AirSupply <= 2.0.0 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69109
— WordPress Raider Spirit theme <= 1.1.2 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Raider Spirit <= 1.1.2 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69108
— WordPress Hot Coffee theme <= 1.7 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Hot Coffee <= 1.7 versions.
Remote
|
Injection
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69107
— WordPress Rosaleen theme <= 2.8 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Rosaleen <= 2.8 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69105
— WordPress Modernee theme <= 1.6.0 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Modernee <= 1.6.0 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69104
— WordPress Qreatix theme <= 1.9.4 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting (XSS) in Qreatix <= 1.9.4 versions.
Remote
|
Cross-Site Scripting
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-69103
— WordPress Brikk theme <= 3.0.0 - Arbitrary Content Deletion vulnerability
Subscriber Arbitrary Content Deletion in Brikk <= 3.0.0 versions.
Remote
|
Authorization
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-62340
— HCL iControl was affected by Inadequate Session Timeout vulnerability
HCL iControl was affected by Inadequate Session Timeout vulnerability. The vulnerability involves a security risk where a web application fails to automatically terminate user sessions after a period…
Jun 17, 2026
Jun 26, 2026
Jun 17, 2026
Jun 26, 2026
CVE-2025-60223
— WordPress WPBot Pro Wordpress Chatbot plugin <= 13.6.5 - Arbitrary File Deletion vulnerab…
Subscriber Arbitrary File Deletion in WPBot Pro Wordpress Chatbot <= 13.6.5 versions.
wpot
|
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-60218
— WordPress PT Luxa Addons Plugin <= 1.2.2 - Arbitrary File Upload Vulnerability
Subscriber Arbitrary File Upload in PT Luxa Addons <= 1.2.2 versions.
Remote
|
Misconfiguration
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-60205
— WordPress ThemeREX Addons plugin <= 2.36.1.1 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in ThemeREX Addons <= 2.36.1.1 versions.
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-60085
— WordPress Learnify theme <= 1.15.0 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Learnify <= 1.15.0 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-59872
— HCL ZIE for Web is affetced by an Unrestricted File Upload vulnerability,
HCL ZIE for Web is affetced by an Unrestricted File Upload vulnerability, If the server is configured to execute code, then it may be possible to obtain command execution on the server by uploading a…
Jun 17, 2026
Jun 26, 2026
Jun 17, 2026
Jun 26, 2026
CVE-2025-59563
— WordPress Sonaar theme <= 4.27.4 - Privilege Escalation vulnerability
Subscriber Privilege Escalation in Sonaar <= 4.27.4 versions.
Remote
|
Authorization
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-59560
— WordPress Sonaar theme <= 4.27.4 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting (XSS) in Sonaar <= 4.27.4 versions.
Remote
|
Cross-Site Scripting
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-58954
— WordPress HomeRoofer theme <= 2.11.0 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in HomeRoofer <= 2.11.0 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-58953
— WordPress Joly theme <= 1.22.0 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Joly <= 1.22.0 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-58952
— WordPress Neuronet theme < 1.14.0 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Neuronet < 1.14.0 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
CVE-2025-58924
— WordPress Geya theme <= 1.15 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Geya <= 1.15 versions.
Remote
|
Path Traversal
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Jun 17, 2026