Nixpkgs Security Tracker

Untriaged

Permalink CVE-2025-26735

7.5 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months ago

WordPress Grip theme <= 1.0.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Candid themes Grip.This issue affects Grip: from n/a through 1.0.9.

References

https://patchstack.com/database/wordpress/theme/grip/vulnerability/wordpress-gr… vdb-entry

Affected products

grip

=<1.0.9

Matching in nixpkgs

pkgs.grip

GTK-based audio CD player/ripper

nixos-unstable -
- nixpkgs-unstable 4.2.4

pkgs.go-grip

Preview Markdown files locally before committing them

nixos-unstable -
- nixpkgs-unstable 0.5.6

pkgs.grip-grab

Fast, more lightweight ripgrep alternative for daily use cases

nixos-unstable -
- nixpkgs-unstable 0.6.7

pkgs.regripper

Open source forensic software used as a Windows Registry data extraction command line

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-12-12

pkgs.grip-search

Fast, indexed regexp search over large file trees

nixos-unstable -
- nixpkgs-unstable 0.8

pkgs.jetbrains.datagrip

Database IDE from JetBrains

nixos-unstable -
- nixpkgs-unstable 2025.2.2

pkgs.python312Packages.grip

Preview GitHub Markdown files like Readme locally before committing them

nixos-unstable -
- nixpkgs-unstable 4.6.1

pkgs.python313Packages.grip