Vulnerabilities in LoftOcean
8 resultsCVE-2024-13410CRITICALCozyStay <= 1.7.0 and TinySalt <= 3.9.0 - Unauthenticated PHP Object Injection in ajax_handlerEPSS 0.7%CVE-2025-67988HIGHWordPress CozyStay theme < 1.9.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2025-49454HIGHWordPress TinySalt theme < 3.10.0 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2025-67992HIGHWordPress PatioTime theme < 2.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2025-67995CRITICALWordPress PatioTime theme < 2.1 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-49507CRITICALWordPress CozyStay theme < 1.7.1 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-49508HIGHWordPress CozyStay theme < 1.7.1 - Local File Inclusion vulnerabilityEPSS 0.4%CVE-2024-13412HIGHCozyStay <= 1.7.0 - Missing Authorization to Arbitrary Action Execution in ajax_handlerEPSS 0.3%