Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.5 CVE-2026-11410

OS Command Injection in BigPond Cable (BPA) Configuration in TP-Link TL-WR940N_CVE-2026-11410

An authenticated OS command injection vulnerability exists in the BigPond Cable (BPA) WAN configuration module in TL-WR940N v6 due to improper sani...

TP-Link Systems Inc. TL-WR940N v6 CVE
HIGH 8.5 CVE-2026-11409

OS Command Injection in IPv6 PPPoE Configuration in TP-Link TL-WR940N_CVE-2026-11409

An authenticated OS command injection vulnerability exists in the IPv6 PPPoE configuration handler in TL-WR940N v6 due to improper sanitization of ...

TP-Link Systems Inc. TL-WR940N v6 CVE
HIGH 8.1 CVE-2025-69178

WordPress Truemag theme <= 4.3.14.2 - Local File Inclusion vulnerability_CVE-2025-69178

Unauthenticated Local File Inclusion in Truemag

CactusThemes Truemag n/a CVE
HIGH 8.1 CVE-2025-69177

WordPress Roneous theme <= 2.1.5 - Local File Inclusion vulnerability_CVE-2025-69177

Unauthenticated Local File Inclusion in Roneous

THEMELOGI Roneous n/a CVE
HIGH 8.1 CVE-2025-69176

WordPress ITactics theme <= 1.0 - Local File Inclusion vulnerability_CVE-2025-69176

Unauthenticated Local File Inclusion in ITactics

ThemeREX ITactics n/a CVE
HIGH 8.1 CVE-2025-69168

WordPress Spike theme <= 1.2 - Local File Inclusion vulnerability_CVE-2025-69168

Unauthenticated Local File Inclusion in Spike

ThemeREX Spike n/a CVE
HIGH 8.1 CVE-2025-69167

WordPress Eros theme <= 1.3 - Local File Inclusion vulnerability_CVE-2025-69167

Unauthenticated Local File Inclusion in Eros

ThemeREX Eros n/a CVE
HIGH 8.1 CVE-2025-69165

WordPress Choreo theme <= 1.6 - Local File Inclusion vulnerability_CVE-2025-69165

Unauthenticated Local File Inclusion in Choreo

ThemeREX Choreo n/a CVE
HIGH 8.1 CVE-2025-69163

WordPress WineShop theme <= 3.17 - Local File Inclusion vulnerability_CVE-2025-69163

Unauthenticated Local File Inclusion in WineShop

ThemeREX WineShop n/a CVE
HIGH 8.1 CVE-2025-69162

WordPress Grecko theme <= 5.17 - Local File Inclusion vulnerability_CVE-2025-69162

Unauthenticated Local File Inclusion in Grecko

ThemeREX Grecko n/a CVE