Themes Vulnerabilities

Sahifa 2.4.0 - Multiple Full Path Disclosure

Description

The sahifa WordPress theme was affected by a Multiple Full Path Disclosure security vulnerability.

Affects Themes

sahifa
Fixed in 3.0.0

References

URL
https://packetstormsecurity.com/files/#119191/
URL
https://themeforest.net/item/sahifa-responsive-wordpress-news-magazine-newspaper-theme/2819356

Classification

Type
FPD
OWASP top 10
A6: Security Misconfiguration
CWE
CWE-209
CVSS
5.3 (medium)

Miscellaneous

Verified
No
WPVDB ID
97c9e1ef-5934-4310-9e54-b24eeda91707

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2020-12-10 (about 5 years ago)

Other

Published
Title
Published
2025-12-15
Title
Fancy Product Designer | WooCommerce WordPress < 6.5.0 - Unauthenticated Full Path Disclosure via 'pdf' Parameter
Published
2025-02-20
Title
C9 Blocks <= 1.7.7 - Unauthenticated Full Path Disclosure
Published
2019-10-16
Title
Fast Velocity Minify < 2.7.7 - Full Path Disclosure
Published
2025-02-17
Title
Actionwear products sync < 2.3.3 - Unauthenticated Full Patch Disclosure
Published
2014-08-01
Title
Shotzz - Full Path Disclosure