7.1
CVE-2025-67534 - WordPress Rencontre plugin <= 3.13.7 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Jacques Malgrange Rencontre rencontre allows Stored XSS.This issue affects Rencontre: from n/a through <= 3.13.7.
7.1
CVE-2025-67533 - WordPress Themify Portfolio Post plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Portfolio Post themify-portfolio-post allows Stored XSS.This issue affects Themify Portfolio Post: from n/a through <= 1.3.0.
7.5
CVE-2025-67532 - WordPress Hara theme <= 1.2.17 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Hara hara allows PHP Local File Inclusion.This issue affects Hara: from n/a through <= 1.2.17.
7.5
CVE-2025-67531 - WordPress Turitor theme < 1.5.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in trippleS Turitor turitor allows PHP Local File Inclusion.This issue affects Turitor: from n/a through < 1.5.3.
7.5
CVE-2025-67530 - WordPress Besa theme <= 2.3.15 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Besa besa allows PHP Local File Inclusion.This issue affects Besa: from n/a through <= 2.3.15.
7.5
CVE-2025-67529 - WordPress Fashion theme < 5.3.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Opal_WP Fashion fashion2 allows PHP Local File Inclusion.This issue affects Fashion: from n/a through < 5.3.0.
7.5
CVE-2025-67528 - WordPress Urna theme <= 2.5.12 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Urna urna allows PHP Local File Inclusion.This issue affects Urna: from n/a through <= 2.5.12.
7.5
CVE-2025-67527 - WordPress Digiqole theme < 2.2.7 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in trippleS Digiqole digiqole allows PHP Local File Inclusion.This issue affects Digiqole: from n/a through < 2.2.7.
7.5
CVE-2025-67526 - WordPress Sailing theme < 4.4.6 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThimPress Sailing sailing allows PHP Local File Inclusion.This issue affects Sailing: from n/a through < 4.4.6.
7.5
CVE-2025-67525 - WordPress ekommart theme < 4.3.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Opal_WP ekommart ekommart allows PHP Local File Inclusion.This issue affects ekommart: from n/a through < 4.3.1.