CVE-2025-67992 WordPress PatioTime theme < 2.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LoftOcean PatioTime patiotime allows PHP Local File Inclusion.This issue affects PatioTime: from n/a through 2.1...

CVE-2025-67992 WordPress PatioTime theme < 2.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LoftOcean PatioTime patiotime allows PHP Local File Inclusion.This issue affects PatioTime: from n/a through 2.1...

CVE-2025-67980

CVE-2025-67980 is a WordPress vulnerability in the thembay Hara theme (WordPress) identified as a Local File Inclusion due to improper control of filenames for include/require in PHP. Affected versions: Hara up to and including 1.2.17. The issue enables local file inclusion via PHP, as described ...

CVE-2025-67981

CVE-2025-67981 is a locally exploitable vulnerability in the WordPress theme Besa (thembay) &lt;= 2.3.15, described as an unauthenticated Local File Inclusion (LFI) due to improper control of the filename used in PHP include/require. Public sources (NVD/Red Hat/CVE list) confirm the affected prod...

CVE-2025-67982

CVE-2025-67982 : WordPress Theme Urna, versions

CVE-2025-67982 WordPress Urna theme <= 2.5.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Urna urna allows PHP Local File Inclusion.This issue affects Urna: from n/a through = 2.5.12...

CVE-2025-67988 WordPress CozyStay theme < 1.9.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LoftOcean CozyStay cozystay allows PHP Local File Inclusion.This issue affects CozyStay: from n/a through 1.9.1...

CVE-2025-67980 WordPress Hara theme <= 1.2.17 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Hara hara allows PHP Local File Inclusion.This issue affects Hara: from n/a through = 1.2.17...

CVE-2025-67981 WordPress Besa theme <= 2.3.15 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Besa besa allows PHP Local File Inclusion.This issue affects Besa: from n/a through = 2.3.15...

CVE-2025-67982 WordPress Urna theme <= 2.5.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Urna urna allows PHP Local File Inclusion.This issue affects Urna: from n/a through = 2.5.12...

CVE-2025-67988 WordPress CozyStay theme < 1.9.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LoftOcean CozyStay cozystay allows PHP Local File Inclusion.This issue affects CozyStay: from n/a through 1.9.1...

CVE-2025-67988

CVE-2025-67988 targets the CozyStay WordPress theme (CozyStay) with an improper control of filenames for include/require statements, yielding a PHP Local File Inclusion. The vulnerability affects CozyStay: from n/a through

CVE-2026-25326

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in cmsmasters CMSMasters Content Composer cmsmasters-content-composer allows PHP Local File Inclusion.This issue affects CMSMasters Content Composer: from n/a through = 1.4.5...

PT-2026-21202

Name of the Vulnerable Software and Affected Versions Jetpack CRM versions through 6.7.0 Description A flaw exists in Automattic Jetpack CRM that allows for PHP Local File Inclusion due to improper control of filename for include/require statements. This issue impacts the software when handling...

PT-2026-21204

Name of the Vulnerable Software and Affected Versions axiomthemes A-Mart versions through 1.0.2 Description A flaw exists in axiomthemes A-Mart that allows for PHP Local File Inclusion due to improper control of filename for include/require statements. This issue could allow an attacker to includ...

PT-2026-21224

Name of the Vulnerable Software and Affected Versions Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme versions through 1.3 Description The software contains a flaw related to improper control of filenames used in include/require statements, specifically a PHP Local File Inclusi...

PT-2026-21207

Name of the Vulnerable Software and Affected Versions axiomthemes SevenTrees versions through 1.0.2 Description The software contains an Improper Control of Filename for Include/Require Statement issue, specifically a PHP Local File Inclusion. This allows for the inclusion of local files within t...

PT-2026-21039

Name of the Vulnerable Software and Affected Versions Extensive VC Addons for WPBakery page builder versions through 1.9.1 Description A flaw exists in Extensive VC Addons for WPBakery page builder that allows for PHP Local File Inclusion due to improper control of filename for include/require...

PT-2026-21093

Name of the Vulnerable Software and Affected Versions thembay Fana versions through 1.1.35 Description An issue exists in thembay Fana related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion. This allows for potential unauthorized access or...

PT-2026-21055

Name of the Vulnerable Software and Affected Versions thembay Urna versions through 2.5.12 Description An issue exists in thembay Urna that allows for PHP Local File Inclusion due to improper control of filename for include/require statements. This is a PHP Remote File Inclusion type of issue...