Filtered by vendor Thememove
Subscribe
Total
16 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-68061 | 1 Thememove | 1 Edumall | 2026-01-29 | N/A | 7.5 HIGH |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove EduMall edumall allows PHP Local File Inclusion.This issue affects EduMall: from n/a through <= 4.4.7. | |||||
| CVE-2025-68062 | 1 Thememove | 1 Minimogwp | 2026-01-29 | N/A | 7.5 HIGH |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove MinimogWP minimog allows PHP Local File Inclusion.This issue affects MinimogWP: from n/a through <= 3.9.6. | |||||
| CVE-2025-60069 | 1 Thememove | 1 Minimogwp | 2026-01-29 | N/A | 8.1 HIGH |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove MinimogWP minimog allows PHP Local File Inclusion.This issue affects MinimogWP: from n/a through <= 3.9.6. | |||||
| CVE-2025-14429 | 1 Thememove | 1 Aeroland | 2026-01-29 | N/A | 9.8 CRITICAL |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove AeroLand aeroland allows PHP Local File Inclusion.This issue affects AeroLand: from n/a through <= 1.6.6. | |||||
| CVE-2025-58958 | 1 Thememove | 1 Smilepure | 2026-01-29 | N/A | 8.2 HIGH |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove SmilePure smilepure allows PHP Local File Inclusion.This issue affects SmilePure: from n/a through < 1.8.5. | |||||
| CVE-2025-58967 | 1 Thememove | 1 Businext | 2026-01-29 | N/A | 8.2 HIGH |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Businext businext allows PHP Local File Inclusion.This issue affects Businext: from n/a through < 2.4.4. | |||||
| CVE-2025-59555 | 1 Thememove | 1 Medizin | 2026-01-29 | N/A | 8.1 HIGH |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Medizin medizin allows PHP Local File Inclusion.This issue affects Medizin: from n/a through < 1.9.7. | |||||
| CVE-2025-59558 | 1 Thememove | 1 Billey | 2026-01-29 | N/A | 8.1 HIGH |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Billey billey allows PHP Local File Inclusion.This issue affects Billey: from n/a through < 2.1.6. | |||||
| CVE-2025-59564 | 1 Thememove | 1 Edumall | 2026-01-29 | N/A | 8.1 HIGH |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove EduMall edumall allows PHP Local File Inclusion.This issue affects EduMall: from n/a through < 4.4.5. | |||||
| CVE-2025-58210 | 1 Thememove | 1 Makeaholic | 2026-01-28 | N/A | 5.3 MEDIUM |
| Missing Authorization vulnerability in ThemeMove Makeaholic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Makeaholic: from n/a through 1.8.5. | |||||
| CVE-2025-58206 | 1 Thememove | 1 Maxcoach | 2026-01-28 | N/A | 8.1 HIGH |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove MaxCoach allows PHP Local File Inclusion. This issue affects MaxCoach: from n/a through 3.2.5. | |||||
| CVE-2025-32309 | 1 Thememove | 1 Healsoul | 2026-01-28 | N/A | 8.1 HIGH |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Healsoul allows PHP Local File Inclusion. This issue affects Healsoul: from n/a through 2.0.2. | |||||
| CVE-2025-14430 | 1 Thememove | 1 Brook | 2026-01-27 | N/A | 9.8 CRITICAL |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Brook - Agency Business Creative brook allows PHP Local File Inclusion.This issue affects Brook - Agency Business Creative: from n/a through <= 2.8.9. | |||||
| CVE-2025-22707 | 1 Thememove | 1 Moody | 2026-01-27 | N/A | 9.8 CRITICAL |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Moody tm-moody allows PHP Local File Inclusion.This issue affects Moody: from n/a through <= 2.7.3. | |||||
| CVE-2025-22708 | 1 Thememove | 1 Mitech | 2026-01-27 | N/A | 9.8 CRITICAL |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Mitech mitech allows PHP Local File Inclusion.This issue affects Mitech: from n/a through <= 2.3.4. | |||||
| CVE-2021-24950 | 1 Thememove | 1 Insight Core | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The Insight Core WordPress plugin through 1.0 does not have any authorisation and CSRF checks in the insight_customizer_options_import (available to any authenticated user), does not validate user input before passing it to unserialize(), nor sanitise and escape it before outputting it in the response. As a result, it could allow users with a role as low as Subscriber to perform PHP Object Injection, as well as Stored Cross-Site Scripting attacks | |||||