6.5
CVE-2025-49914 - WordPress Restaurant Menu by MotoPress plugin <= 2.4.7 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in jetmonsters Restaurant Menu by MotoPress mp-restaurant-menu allows Retrieve Embedded Sensitive Data.This issue affects Restaurant Menu by MotoPress: from n/a through <= 2.4.7.
6.5
CVE-2025-49902 - WordPress Login Page Customizer β Customizer Login Page, Admin Page, Custom Design plugin <= 2.1.1 β¦
Missing Authorization vulnerability in A WP Life Login Page Customizer – Customizer Login Page, Admin Page, Custom Design customizer-login-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Page Customizer – Customizer Login Page, Adminβ¦
7.2
CVE-2025-49379 - WordPress Custom Fields Account Registration For Woocommerce plugin <= 1.2 - Privilege Escalation vβ¦
Incorrect Privilege Assignment vulnerability in silverplugins217 Custom Fields Account Registration For Woocommerce custom-fields-account-registration-for-woocommerce allows Privilege Escalation.This issue affects Custom Fields Account Registration For Woocommerce: from n/a through <= 1.2.
8.1
CVE-2025-49371 - WordPress Strux theme <= 1.9 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Strux strux allows PHP Local File Inclusion.This issue affects Strux: from n/a through <= 1.9.
8.1
CVE-2025-49370 - WordPress Lymcoin theme <= 1.3.12 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Lymcoin lymcoin allows PHP Local File Inclusion.This issue affects Lymcoin: from n/a through <= 1.3.12.
8.1
CVE-2025-49369 - WordPress Lettuce theme <= 1.1.7 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Lettuce lettuce allows PHP Local File Inclusion.This issue affects Lettuce: from n/a through <= 1.1.7.
8.1
CVE-2025-49368 - WordPress Palladio theme <= 1.1.10 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Palladio palladio allows PHP Local File Inclusion.This issue affects Palladio: from n/a through <= 1.1.10.
8.1
CVE-2025-49367 - WordPress Monyxi theme <= 1.1.8 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Monyxi monyxi allows PHP Local File Inclusion.This issue affects Monyxi: from n/a through <= 1.1.8.
8.1
CVE-2025-49366 - WordPress Hanani theme <= 1.2.11 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Hanani hanani allows PHP Local File Inclusion.This issue affects Hanani: from n/a through <= 1.2.11.
8.1
CVE-2025-49365 - WordPress Jack Well theme <= 1.0.14 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Jack Well jack-well allows PHP Local File Inclusion.This issue affects Jack Well: from n/a through <= 1.0.14.