These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2025-69173 is a HIGH severity vulnerability (CVSS Score: 8.1) affecting the Tipsy theme, version 1.1 or earlier. This vulnerability allows unauthenticated local file inclusion, potentially enabling attackers to access sensitive files. The vulnerability was published on June 17, 2026, and last modified on the same day. The vendor and product information is not confirmed, with a low confidence level. Us [truncated]
CVE-2025-69172 is a HIGH-severity vulnerability (CVSS Score: 8.1) affecting the Resurs theme, version <= 1.3. This Unauthenticated Local File Inclusion vulnerability allows attackers to include local files without authentication. The vulnerability was published on June 17, 2026, and last modified on the same day. Users of the affected theme should take immediate action to mitigate potential risks. The ven [truncated]
CVE-2025-69171 is a HIGH severity vulnerability (CVSS Score: 8.1) affecting Orpheus theme versions <= 1.3. This vulnerability allows unauthenticated local file inclusion. The CVE was published on 2026-06-17T13:19:24.610Z and last modified on 2026-06-17T14:44:26.397Z. Organizations using the affected Orpheus theme should take immediate action to mitigate this vulnerability.
CVE-2025-69165 is a HIGH severity vulnerability (CVSS Score: 8.1) in the Choreo theme, affecting versions <= 1.6. This vulnerability allows unauthenticated local file inclusion, potentially leading to data breaches and system compromise. The vulnerability was published on June 17, 2026, and last modified on the same day. Users of the affected theme should take immediate action to mitigate the risk. The ve [truncated]
CVE-2025-69162 is a HIGH severity vulnerability (CVSS Score: 8.1) in the Grecko theme, affecting versions up to and including 5.17. This vulnerability allows unauthenticated attackers to include local files, potentially leading to sensitive information disclosure, code execution, or other malicious activities. The vulnerability was published on June 17, 2026, and immediately gained attention due to its hi [truncated]
CVE-2025-69161 is a high-severity vulnerability in the Snowy theme, versions <= 1.13, allowing unauthenticated local file inclusion. This vulnerability has a CVSS score of 8.1 and is considered HIGH severity. The vulnerability was published on June 17, 2026, and last modified on the same day. The vendor and product information is not confirmed, with the canonical source being a weak reference domain. Ther [truncated]
CVE-2025-69150 is a HIGH severity vulnerability (CVSS Score: 8.1) in the Medeus theme, affecting versions <= 1.14. This vulnerability allows unauthenticated local file inclusion, potentially enabling attackers to access sensitive files. The vulnerability was published on June 17, 2026, and last modified on the same day. Users of the Medeus theme should take immediate action to mitigate this vulnerability. [truncated]
CVE-2025-69148 is a HIGH severity vulnerability (CVSS Score: 8.1) in the Quirky WordPress theme, affecting versions <= 1.23. This vulnerability allows unauthenticated local file inclusion, potentially enabling attackers to access sensitive files on the server. The vulnerability was published on June 17, 2026, and last modified on the same day. Organizations using the affected theme versions should take im [truncated]
CVE-2025-69145 is a high-severity vulnerability in the Gat theme, affecting versions <= 1.16. This vulnerability allows unauthenticated local file inclusion, with a CVSS score of 8.1. The vulnerability was published on June 17, 2026, and last modified on the same day. Organizations using the affected Gat theme versions should take immediate action to mitigate the risk.
CVE-2025-69141 is a HIGH severity vulnerability (CVSS Score: 8.1) in the Kelly Young theme, affecting versions <= 1.1.0. This vulnerability allows unauthenticated local file inclusion, potentially enabling attackers to access sensitive files. The vulnerability was published on June 17, 2026, and last modified on the same day. Users of the affected theme should take immediate action to mitigate this vulnerability.
CVE-2025-69125 is a HIGH severity vulnerability (CVSS Score: 8.1) in the Food Drop theme for WordPress, versions <= 1.3. This vulnerability allows unauthenticated local file inclusion, potentially enabling attackers to access sensitive files. The vulnerability was published on June 17, 2026. Organizations using the affected theme should take immediate action to mitigate potential risks. The CVE record and [truncated]
CVE-2025-69122 is a critical vulnerability in the SeaFood Company theme for WordPress, versions <= 1.4, allowing unauthenticated PHP object injection. With a CVSS score of 9.8, this vulnerability poses a significant risk to affected systems. The vulnerability was published on June 17, 2026, and last modified on the same day. Users of the affected theme should take immediate action to mitigate the risk. Th [truncated]
CVE-2025-69121 is a HIGH severity vulnerability (CVSS Score: 8.1) in the Deliciosa theme, affecting versions up to 1.10.0. This vulnerability allows unauthenticated local file inclusion, potentially enabling attackers to access sensitive files. The vulnerability was published on June 17, 2026, and last modified on the same day. Users of the Deliciosa theme should take immediate action to mitigate this risk.
CVE-2025-69118 is a high-severity vulnerability in the CopyPress WordPress theme, with a CVSS score of 8.1. The vulnerability allows unauthenticated attackers to include local files, potentially leading to code execution, data breaches, or other malicious activities. This vulnerability was published on June 17, 2026, and immediately gained attention due to its high severity and potential impact. Users of [truncated]
CVE-2025-69116 is a high-severity vulnerability in the Iona theme, affecting versions <= 1.0.8. This vulnerability allows unauthenticated local file inclusion, with a CVSS score of 8.1. The vulnerability was published on June 17, 2026, and last modified on the same day. The vendor and product information are not confirmed, with a low confidence level. Users of the Iona theme should take immediate action t [truncated]
CVE-2025-69113 is a high-severity vulnerability (CVSS Score: 8.1) affecting Nexio versions <= 1.10.0. This vulnerability allows unauthenticated local file inclusion, potentially leading to sensitive information disclosure and system compromise. The vulnerability was published on June 17, 2026, and immediately gained attention due to its high severity and potential impact. Users of affected Nexio versions [truncated]
CVE-2025-69112 is a HIGH severity vulnerability (CVSS Score: 8.1) in the Planty theme, affecting versions up to 1.14.0. This vulnerability allows unauthenticated local file inclusion. The CVE was published on 2026-06-17T13:19:17.100Z and last modified on 2026-06-17T14:45:15.717Z. Users of the affected theme should take immediate action to mitigate potential risks.
CVE-2025-69108 is a critical vulnerability in the Hot Coffee theme, affecting versions up to 1.7. This vulnerability allows for unauthenticated PHP object injection, posing a significant risk to affected systems. With a CVSS score of 9.8, it is considered highly severe. The vulnerability was published on June 17, 2026, and last modified on the same day. Users of the Hot Coffee theme should take immediate [truncated]
A critical vulnerability, CVE-2025-60205, was disclosed in ThemeREX Addons versions <= 2.36.1.1, allowing unauthenticated PHP Object Injection. With a CVSS score of 9.8, this vulnerability poses a significant risk to affected installations. Organizations using this plugin should prioritize immediate action to mitigate potential exploitation. The vulnerability was made public on June 17, 2026, and no ranso [truncated]
CVE-2025-58954 is a high-severity vulnerability in the HomeRoofer theme, version 2.11.0 or earlier. The vulnerability is an unauthenticated local file inclusion issue, which could allow attackers to access sensitive files on the server. This vulnerability was published on June 17, 2026, and has a CVSS score of 8.1, indicating a high level of severity. Organizations using the affected version of HomeRoofer [truncated]
CVE-2025-58953 is a HIGH severity vulnerability (CVSS Score: 8.1) affecting Joly theme versions <= 1.22.0. This vulnerability allows unauthenticated local file inclusion. The CVE was published on 2026-06-17T13:19:14.653Z and last modified on 2026-06-17T17:16:38.647Z. Users of the affected Joly theme versions should take immediate action to mitigate this vulnerability.
CVE-2025-58952 is a high-severity vulnerability in the Neuronet theme, with a CVSS score of 8.1. It allows unauthenticated attackers to include local files, potentially leading to code execution, data breaches, or system compromise. The vulnerability affects Neuronet versions prior to 1.14.0. Organizations using affected versions should prioritize patching. The CVE was published on June 17, 2026, and has [truncated]