Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in kamleshyadav Miraculous Core Plugin miraculouscore allows Blind SQL Injection.This issue affects Miraculous Core Plugin: from n/a through < 2.1.2. More...
Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous: from n/a through < 2.1.2. More information : https://patchstack.com/database/Wordpress/Theme/miraculous/vulnerability/wordpress-miraculous-theme-2-1-2-broken-access-control-vulnerability?_s_id=cve
Missing Authorization vulnerability in Anton Voytenko Petitioner petitioner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Petitioner: from n/a through
Deserialization of Untrusted Data vulnerability in Miguel Useche JS Archive List jquery-archive-list-widget allows Object Injection.This issue affects JS Archive List: from n/a through
Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicula pelicula-video-production-and-movie-theme allows Object Injection.This issue affects Pelicula: from n/a through < 1.10. More information : https://patchstack.com/database/Wordpress/Theme/pelicula-video-production-and-movie-theme/vulnerability/wordpress-pelicula-theme-1-10-php-object-injection-vulnerability?_s_id=cve
Deserialization of Untrusted Data vulnerability in Mikado-Themes Stål stal allows Object Injection.This issue affects Stål: from n/a through < 1.7. More information : https://patchstack.com/database/Wordpress/Theme/stal/vulnerability/wordpress-staal-theme-1-7-arbitrary-object-instantiation-vulnerability?_s_id=cve
Deserialization of Untrusted Data vulnerability in Edge-Themes Kamperen kamperen allows Object Injection.This issue affects Kamperen: from n/a through < 1.3. More information : https://patchstack.com/database/Wordpress/Theme/kamperen/vulnerability/wordpress-kamperen-theme-1-3-arbitrary-object-instantiation-vulnerability?_s_id=cve
Deserialization of Untrusted Data vulnerability in Edge-Themes Gracey gracey allows Object Injection.This issue affects Gracey: from n/a through < 1.4. More information : https://patchstack.com/database/Wordpress/Theme/gracey/vulnerability/wordpress-gracey-theme-1-4-arbitrary-object-instantiation-vulnerability?_s_id=cve
Deserialization of Untrusted Data vulnerability in Mikado-Themes Halstein halstein allows Object Injection.This issue affects Halstein: from n/a through < 1.8. More information : https://patchstack.com/database/Wordpress/Theme/halstein/vulnerability/wordpress-halstein-theme-1-8-arbitrary-object-instantiation-vulnerability?_s_id=cve
Deserialization of Untrusted Data vulnerability in Elated-Themes Leroux leroux allows Object Injection.This issue affects Leroux: from n/a through < 1.4. More information : https://patchstack.com/database/Wordpress/Theme/leroux/vulnerability/wordpress-leroux-theme-1-4-arbitrary-object-instantiation-vulnerability?_s_id=cve
Deserialization of Untrusted Data vulnerability in Edge-Themes Archicon archicon allows Object Injection.This issue affects Archicon: from n/a through < 1.7. More information : https://patchstack.com/database/Wordpress/Theme/archicon/vulnerability/wordpress-archicon-theme-1-7-arbitrary-object-instantiation-vulnerability?_s_id=cve
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in CreativeWS Kiddy kiddy allows PHP Local File Inclusion.This issue affects Kiddy: from n/a through
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in CreativeWS VintWood vintwood allows PHP Local File Inclusion.This issue affects VintWood: from n/a through
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in CreativeWS Trendustry trendustry allows PHP Local File Inclusion.This issue affects Trendustry: from n/a through