Mikado-themes CVEs and Security Vulnerabilities

Filtered by vendor Mikado-themes Subscriptions

Search

Switch to Advanced Search (Beta)

Total 61 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-69030	3 Mikado-themes, Qodeinteractive, Wordpress	3 Backpack Traveler, Backpack Traveler, Wordpress	2026-01-29	5.4 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Backpack Traveler backpacktraveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Backpack Traveler: from n/a through <= 2.10.3.
CVE-2025-67940	2 Mikado-themes, Wordpress	2 Powerlift, Wordpress	2026-01-29	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Powerlift powerlift allows PHP Local File Inclusion.This issue affects Powerlift: from n/a through < 3.2.1.
CVE-2025-67938	2 Mikado-themes, Wordpress	2 Biagiotti, Wordpress	2026-01-29	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Biagiotti biagiotti allows PHP Local File Inclusion.This issue affects Biagiotti: from n/a through < 3.5.2.
CVE-2025-39466	3 Mikado-themes, Qodeinteractive, Wordpress	3 Dor, Dor, Wordpress	2026-01-29	9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Dør dor allows PHP Local File Inclusion.This issue affects Dør: from n/a through <= 2.4.
CVE-2025-39467	3 Mikado-themes, Qodeinteractive, Wordpress	3 Wanderland, Wanderland, Wordpress	2026-01-29	9.8 Critical
Path Traversal: '.../...//' vulnerability in Mikado-Themes Wanderland wanderland allows PHP Local File Inclusion.This issue affects Wanderland: from n/a through <= 1.7.1.
CVE-2026-22458	2 Mikado-themes, Wordpress	2 Wanderland, Wordpress	2026-01-28	5.3 Medium
Missing Authorization vulnerability in Mikado-Themes Wanderland wanderland allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wanderland: from n/a through <= 1.5.
CVE-2026-22382	2 Mikado-themes, Wordpress	2 Pawfriends - Pet Shop And Veterinary Wordpress Theme, Wordpress	2026-01-27	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends allows Cross Site Request Forgery.This issue affects PawFriends - Pet Shop and Veterinary WordPress Theme: from n/a through <= 1.3.
CVE-2026-22411	2 Mikado-themes, Wordpress	2 Dolcino, Wordpress	2026-01-27	5.4 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Dolcino dolcino allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dolcino: from n/a through <= 1.6.
CVE-2026-22409	2 Mikado-themes, Wordpress	2 Justicia, Wordpress	2026-01-27	5.4 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Justicia justicia allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Justicia: from n/a through <= 1.2.
CVE-2026-22407	2 Mikado-themes, Wordpress	2 Roam, Wordpress	2026-01-27	5.4 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Roam roam allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Roam: from n/a through <= 2.1.1.
CVE-2026-22406	2 Mikado-themes, Wordpress	2 Overton, Wordpress	2026-01-27	5.4 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Overton overton allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Overton: from n/a through <= 1.3.
CVE-2026-22391	2 Mikado-themes, Wordpress	2 Cocco, Wordpress	2026-01-27	5.4 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Cocco cocco allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cocco: from n/a through <= 1.5.1.
CVE-2026-22404	2 Mikado-themes, Wordpress	2 Innovio, Wordpress	2026-01-27	5.4 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Innovio innovio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Innovio: from n/a through <= 1.7.
CVE-2025-67934	3 Mikado-themes, Qodeinteractive, Wordpress	3 Wellspring, Wellspring, Wordpress	2026-01-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Wellspring wellspring allows PHP Local File Inclusion.This issue affects Wellspring: from n/a through < 2.8.
CVE-2025-54003	2 Mikado-themes, Wordpress	2 Depot, Wordpress	2026-01-26	9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Depot depot allows PHP Local File Inclusion.This issue affects Depot: from n/a through <= 1.16.
CVE-2026-22400	2 Mikado-themes, Wordpress	2 Holmes, Wordpress	2026-01-26	5.4 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Holmes holmes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Holmes: from n/a through <= 1.7.
CVE-2026-22398	2 Mikado-themes, Wordpress	2 Fleur, Wordpress	2026-01-26	5.4 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Fleur fleur allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fleur: from n/a through <= 2.0.
CVE-2026-22396	2 Mikado-themes, Wordpress	2 Fiorello, Wordpress	2026-01-26	5.4 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Fiorello fiorello allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fiorello: from n/a through <= 1.0.
CVE-2026-22393	2 Mikado-themes, Wordpress	2 Curly, Wordpress	2026-01-26	5.4 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Curly curly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Curly: from n/a through <= 3.3.
CVE-2026-22430	2 Mikado-themes, Wordpress	2 Verdure, Wordpress	2026-01-26	5.4 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Verdure verdure allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Verdure: from n/a through <= 1.6.

« first previous Page 3 of 4. next last »