0.0
CVE-2025-64206 - WordPress Jannah theme <= 7.6.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in TieLabs Jannah jannah allows Object Injection.This issue affects Jannah: from n/a through <= 7.6.0.
0.0
CVE-2025-64205 - WordPress Jannah theme <= 7.6.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from n/a through <= 7.6.0.
0.0
CVE-2025-64203 - WordPress Mailster plugin < 4.1.14 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EverPress Mailster mailster allows Reflected XSS.This issue affects Mailster: from n/a through < 4.1.14.
0.0
CVE-2025-64193 - WordPress XStore theme < 9.6.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in 8theme XStore xstore allows PHP Local File Inclusion.This issue affects XStore: from n/a through < 9.6.1.
0.0
CVE-2025-64192 - WordPress XStore theme < 9.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in 8theme XStore xstore allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects XStore: from n/a through < 9.6.
0.0
CVE-2025-64191 - WordPress XStore theme < 9.6.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore xstore allows Reflected XSS.This issue affects XStore: from n/a through < 9.6.1.
0.0
CVE-2025-64189 - WordPress XStore Core plugin < 5.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore Core et-core-plugin allows Reflected XSS.This issue affects XStore Core: from n/a through < 5.6.
0.0
CVE-2025-64188 - WordPress Soledad theme <= 8.6.9 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in PenciDesign Soledad soledad allows Privilege Escalation.This issue affects Soledad: from n/a through <= 8.6.9.
0.0
CVE-2025-6326 - WordPress Inset theme <= 1.18.0 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Inset inset allows PHP Local File Inclusion.This issue affects Inset: from n/a through <= 1.18.0.
0.0
CVE-2025-6324 - WordPress Easy Invoice plugin <= 2.0.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MatrixAddons Easy Invoice easy-invoice allows DOM-Based XSS.This issue affects Easy Invoice: from n/a through <= 2.0.9.