Ova Brw

CVEs (3)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2025-52814	WordPress Ova Brw	Hig	0.53	8.1	0.01	Jun 27, 2025	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme BRW ova-brw allows PHP Local File Inclusion.This issue affects BRW: from n/a through <= 1.8.7.
CVE-2025-49313	WordPress Ova Brw	Hig	0.49	7.5	0.00	Jun 6, 2025	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme BRW ova-brw allows PHP Local File Inclusion.This issue affects BRW: from n/a through <= 1.8.6.
CVE-2025-49314	WordPress Ova Brw	Med	0.42	6.5	0.00	Jun 6, 2025	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ovatheme BRW ova-brw allows Stored XSS.This issue affects BRW: from n/a through <= 1.8.6.

CVE-2025-52814HigJun 27, 2025
WordPress
Ova Brw
risk 0.53cvss 8.1epss 0.01
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme BRW ova-brw allows PHP Local File Inclusion.This issue affects BRW: from n/a through <= 1.8.7.
CVE-2025-49313HigJun 6, 2025
WordPress
Ova Brw
risk 0.49cvss 7.5epss 0.00
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme BRW ova-brw allows PHP Local File Inclusion.This issue affects BRW: from n/a through <= 1.8.6.
CVE-2025-49314MedJun 6, 2025
WordPress
Ova Brw
risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ovatheme BRW ova-brw allows Stored XSS.This issue affects BRW: from n/a through <= 1.8.6.