Theme-spirit Spirit Framework
2 CVEs affecting Theme-spirit Spirit Framework. Latest disclosed: 2025-10-03. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-6388 | Critical | 9.8 | 2025-10-03 | The Spirit Framework plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.2.14. This is due to the custom_action… |
CVE-2025-10269 | High | 7.5 | 2025-09-12 | The Spirit Framework plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.2.13. This makes it possible for authen… |