Permalink
CVE-2025-28945
8.1 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): HIGH
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
WordPress Valen - Sport, Fashion WooCommerce WordPress Theme <= 2.4 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Valen - Sport, Fashion WooCommerce WordPress Theme allows PHP Local File Inclusion. This issue affects Valen - Sport, Fashion WooCommerce WordPress Theme: from n/a through 2.4.
References
Affected products
valen
- =<2.4
Matching in nixpkgs
pkgs.valent
Implementation of the KDE Connect protocol, built on GNOME platform libraries
-
nixos-unstable -
- nixpkgs-unstable 1.0.0.alpha.46-unstable-2024-10-26
pkgs.valentina
Open source sewing pattern drafting software
-
nixos-unstable -
- nixpkgs-unstable 0.7.53
pkgs.gnomeExtensions.valent
GNOME Shell integration for Valent
-
nixos-unstable -
- nixpkgs-unstable 1.0.0.alpha.48
pkgs.sbclPackages.cl-prevalence
None
-
nixos-unstable -
- nixpkgs-unstable 20250622-git
pkgs.haskellPackages.equivalence
Maintaining an equivalence relation implemented as union-find using STT
-
nixos-unstable -
- nixpkgs-unstable 0.4.1
pkgs.vscode-extensions.valentjn.vscode-ltex
None
-
nixos-unstable -
- nixpkgs-unstable 13.1.0
Package maintainers
-
@lukego Luke Gorrie <luke@snabb.co>
-
@nagy Daniel Nagy <danielnagy@posteo.de>
-
@hraban Hraban Luyat <hraban@0brg.net>
-
@Uthar Kasper Gałkowski <galkowskikasper@gmail.com>
-
@7c6f434c Michael Raskin <7c6f434c@mail.ru>
-
@Aleksanaa Aleksana QwQ <me@aleksana.moe>
-
@0xbe7a Bela Stoyan <nix@be7a.de>