CVE-2025-6991 | Kallyas Plugin up to 4.21.0 on WordPress TH_LatestPosts4 file inclusion

Inserito da Angelo Barbosa | Lug 26, 2025 | CVE

A vulnerability was found in Kallyas Plugin up to 4.21.0 on WordPress and classified as critical. Affected by this issue is the function TH_LatestPosts4. The manipulation leads to file inclusion.

This vulnerability is handled as CVE-2025-6991. The attack may be launched remotely. There is no exploit available.

CVE-2025-6991 | Kallyas Plugin up to 4.21.0 on WordPress TH_LatestPosts4 file inclusion

Post correlati

CVE-2023-40702 | Ping Identity PingOne MFA Integration Kit up to 2.3.0 authentication spoofing

CVE-2024-1160 | Bold Page Builder Plugin up to 4.8.0 on WordPress Icon Link cross site scripting

CVE-2025-23059 | HPE Aruba Networking ClearPass Policy Manager up to 6.11.9/6.12.3 Web-based Management Interface information disclosure

CVE-2024-52299 | xwikisas macro-pdfviewer up to 2.5.5 generation of predictable numbers or identifiers (GHSA-522m-m242-jr9p)