CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-52811 – WordPress Davenport - Versatile Blog and Magazine WordPress Theme <= 1.3 - Local File Inclusion Vulnerability
https://notcve.org/view.php?id=CVE-2025-52811
25 Jun 2025 — Path Traversal vulnerability in Creanncy Davenport - Versatile Blog and Magazine WordPress Theme allows PHP Local File Inclusion. This issue affects Davenport - Versatile Blog and Magazine WordPress Theme: from n/a through 1.3. The Davenport - Versatile Blog and Magazine WordPress Theme plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.3. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execut... • https://patchstack.com/database/wordpress/plugin/davenport/vulnerability/wordpress-davenport-versatile-blog-and-magazine-wordpress-theme-1-3-local-file-inclusion-vulnerability?_s_id=cve • CWE-35: Path Traversal: '.../...//' CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2004-2415
https://notcve.org/view.php?id=CVE-2004-2415
31 Dec 2004 — Davenport before 0.9.10 allows attackers to cause a denial of service (resource consumption) via (1) a very large XML file or (2) entity expansion attacks. • http://secunia.com/advisories/12337 •