CVE-2026-27383

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Metro metro allows PHP Local File Inclusion.This issue affects Metro: from n/a through = 2.13...

CVE-2026-27381 WordPress Aora theme <= 1.3.15 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through = 1.3.15...

CVE-2026-27341

CVE-2026-27341 is a Local File Inclusion vulnerability in Mikado-Themes TopScorer - Sports WordPress Theme, arising from improper control of filenames in include/require statements. Connected sources confirm exploitation potential for TopScorer themes affected up to version 1.2 (n/a through

CVE-2026-27340

CVE-2026-27340 refers to an Local File Inclusion (LFI) vulnerability in AncoraThemes Apollo | Night Club, DJ Event WordPress Theme affecting versions through 1.3.1. The issue stems from improper control of filenames in PHP include/require statements, enabling inclusion of local files. Public sour...

CVE-2026-27339 WordPress Buzz Stone | Magazine & Viral Blog WordPress Theme theme <= 1.0.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Buzz Stone | Magazine & Viral Blog WordPress Theme buzzstone allows PHP Local File Inclusion.This issue affects Buzz Stone | Magazine & Viral Blog WordPress Theme:...

CVE-2026-27342 WordPress TopFit - Fitness and Gym WordPress Theme theme <= 1.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes TopFit - Fitness and Gym WordPress Theme topfit allows PHP Local File Inclusion.This issue affects TopFit - Fitness and Gym WordPress Theme: from n/a through = 1.9...

CVE-2026-27341 WordPress TopScorer - Sports WordPress Theme theme <= 1.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes TopScorer - Sports WordPress Theme topscorer allows PHP Local File Inclusion.This issue affects TopScorer - Sports WordPress Theme: from n/a through = 1.2...

CVE-2026-27341

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes TopScorer - Sports WordPress Theme topscorer allows PHP Local File Inclusion.This issue affects TopScorer - Sports WordPress Theme: from n/a through = 1.2...

CVE-2026-27342 WordPress TopFit - Fitness and Gym WordPress Theme theme <= 1.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes TopFit - Fitness and Gym WordPress Theme topfit allows PHP Local File Inclusion.This issue affects TopFit - Fitness and Gym WordPress Theme: from n/a through = 1.9...

CVE-2026-27340 WordPress Apollo | Night Club, DJ Event WordPress Theme theme <= 1.3.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Apollo | Night Club, DJ Event WordPress Theme apollo allows PHP Local File Inclusion.This issue affects Apollo | Night Club, DJ Event WordPress Theme: from n/a throu...

CVE-2026-27335

CVE-2026-27335 concerns the Ekoterra WordPress theme (AncoraThemes Ekoterra, NonProfit, Green Energy & Ecology Theme) with versions through 1.0.0. Public records describe an improper control of filenames for Include/Require in PHP, effectively a Local File Inclusion (LFI) vulnerability. Reported ...

CVE-2026-27336

CVE-2026-27336 details a Local File Inclusion in the AncoraThemes Consultor WordPress Theme (versions

CVE-2026-27337

CVE-2026-27337 is a Local File Inclusion vulnerability in the AncoraThemes Chronicle – Lifestyle Magazine & Blog WordPress Theme (Chronicle) affecting versions up to 1.0. Root cause: improper control of include/require filename handling in PHP (PHP Local File Inclusion). Exploitation details are ...

CVE-2026-27335

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Ekoterra - NonProfit, Green Energy & Ecology Theme ekoterra allows PHP Local File Inclusion.This issue affects Ekoterra - NonProfit, Green Energy & Ecology Theme: fr...

CVE-2026-27337 WordPress Chronicle - Lifestyle Magazine & Blog WordPress Theme theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Chronicle - Lifestyle Magazine & Blog WordPress Theme chronicle allows PHP Local File Inclusion.This issue affects Chronicle - Lifestyle Magazine & Blog WordPress...

CVE-2026-27336 WordPress Consultor | Consulting, Accounting & Legal Counsel WordPress Theme theme <= 1.2.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Consultor | Consulting, Accounting & Legal Counsel WordPress Theme consultor allows PHP Local File Inclusion.This issue affects Consultor | Consulting, Accounting &...

CVE-2026-27334

CVE-2026-27334: Local File Inclusion in WordPress Alchemists theme (

CVE-2026-27097

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes CasaMia | Property Rental Real Estate WordPress Theme casamia allows PHP Local File Inclusion.This issue affects CasaMia | Property Rental Real Estate WordPress Them...

CVE-2026-27097

CVE-2026-27097 affects AncoraThemes CasaMia WordPress Theme (≤1.1.2). The vulnerability is a PHP Local File Inclusion caused by improper control of filenames in include/require. Impact: potential disclosure of local files; CVSS 3.1Base 8.1 (High). Patch status in reports: Unpatched; remediation g...

CVE-2026-27097 WordPress CasaMia | Property Rental Real Estate WordPress Theme theme <= 1.1.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes CasaMia | Property Rental Real Estate WordPress Theme casamia allows PHP Local File Inclusion.This issue affects CasaMia | Property Rental Real Estate WordPress Them...