EUVD-2026-9750

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Marcell marcell allows PHP Local File Inclusion.This issue affects Marcell: from n/a through = 1.2.14...

CVE-2026-28095

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Marcell marcell allows PHP Local File Inclusion.This issue affects Marcell: from n/a through = 1.2.14...

CVE-2026-28095 WordPress Marcell theme <= 1.2.14 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Marcell marcell allows PHP Local File Inclusion.This issue affects Marcell: from n/a through = 1.2.14...

PT-2026-23370

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Marcell marcell allows PHP Local File Inclusion.This issue affects Marcell: from n/a through = 1.2.14...

WordPress Marcell theme <= 1.2.14 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Marcell versions = 1.2.14...

CVE-2025-68545

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Nika nika allows PHP Local File Inclusion.This issue affects Nika: from n/a through = 1.2.14...

CVE-2025-68545

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Nika nika allows PHP Local File Inclusion.This issue affects Nika: from n/a through = 1.2.14...

CVE-2025-68545 WordPress Nika theme <= 1.2.14 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Nika nika allows PHP Local File Inclusion.This issue affects Nika: from n/a through = 1.2.14...

CVE-2025-68545 WordPress Nika theme <= 1.2.14 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Nika nika allows PHP Local File Inclusion.This issue affects Nika: from n/a through = 1.2.14...

CVE-2025-68545

CVE-2025-68545 is a Local File Inclusion vulnerability in the WordPress Nika theme (thembay Nika) affecting versions up to and including 1.2.14, caused by improper control of filenames in include/require statements. The issue is categorized as a PHP Local File Inclusion vulnerability (also descri...

WordPress plugin Nika 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

WordPress Nika theme <= 1.2.14 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Nika versions = 1.2.14...

MiracleLinux 4 : log4j-1.2.14-6.4.0.1.AXS4 (AXSA:2021-2880:02)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2880:02 advisory. log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender CVE-2021-4104 Tenable has extracted the preceding description blo...

CVE-2022-0750

The Photoswipe Masonry Gallery WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the thumbnailwidth, thumbnailheight, maximagewidth, and maximageheight parameters found in the /photoswipe-masonry.php file which allows authenticated attackers t...

CVE-2025-68546

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Nika nika allows PHP Local File Inclusion.This issue affects Nika: from n/a through = 1.2.14...

CVE-2025-68546 WordPress Nika theme <= 1.2.14 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Nika nika allows PHP Local File Inclusion.This issue affects Nika: from n/a through = 1.2.14...

WordPress Nika theme <= 1.2.14 - Local File Inclusion vulnerability

Software : Nika Type : Theme Vulnerable versions : = 1.2.14 Fixed in : 1.2.15 OWASP Top 10 : A3: Injection Classification : Local File Inclusion CVE ID : CVE-2025-68546 Patchstack priority : Low CVSS severity : 7.5 Required privilege : Contributor Developer : Claim ownership PSID : c4d1fd5c314f...

WordPress Nika theme <= 1.2.14 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Nika versions = 1.2.14...

EUVD-2007-2230

Malware in sbrugna...

CVE-2025-6388

The Spirit Framework plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.2.14. This is due to the customactions function not properly validating a user's identity prior to authenticating them to the site. This makes it possible for unauthenticated...