Top Dog
Monthly
Unauthenticated local file inclusion in the ThemeRex Top Dog WordPress theme (versions <=1.0.5) allows remote attackers to coerce the application into including arbitrary local PHP files, potentially leading to sensitive data disclosure or code execution if a writable/loggable file can be referenced. The flaw is reachable without authentication or user interaction over the network, though CVSS marks attack complexity as high; no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.
Unauthenticated local file inclusion in the ThemeRex Top Dog WordPress theme (versions <=1.0.5) allows remote attackers to coerce the application into including arbitrary local PHP files, potentially leading to sensitive data disclosure or code execution if a writable/loggable file can be referenced. The flaw is reachable without authentication or user interaction over the network, though CVSS marks attack complexity as high; no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.