CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8776 matches found

NVD•added 2025/12/18 8:15 a.m.•2 views

CVE-2025-49371

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Strux strux allows PHP Local File Inclusion.This issue affects Strux: from n/a through = 1.9...

8.1CVSS0.00445EPSS

Exploits0References1

NVD•added 2025/12/18 8:15 a.m.•3 views

CVE-2025-49362

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Gracioza gracioza allows PHP Local File Inclusion.This issue affects Gracioza: from n/a through = 1.0.15...

8.1CVSS0.00557EPSS

Exploits0References1

NVD•added 2025/12/18 8:15 a.m.•2 views

CVE-2025-49365

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Jack Well jack-well allows PHP Local File Inclusion.This issue affects Jack Well: from n/a through = 1.0.14...

8.1CVSS0.00415EPSS

Exploits0References1

Cvelist•added 2025/12/18 7:22 a.m.•24 views

CVE-2025-64373 WordPress Traveler theme < 3.2.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in shinetheme Traveler traveler allows PHP Local File Inclusion.This issue affects Traveler: from n/a through 3.2.6...

8.1CVSS0.00337EPSS

Exploits0References1

Vulnrichment•added 2025/12/18 7:22 a.m.•2 views

CVE-2025-64373 WordPress Traveler theme < 3.2.6 - Local File Inclusion vulnerability

8.1CVSS6.7AI score0.00337EPSS

Exploits0References1

Cvelist•added 2025/12/18 7:22 a.m.•20 views

CVE-2025-64377 WordPress ListingPro theme < 2.9.10 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CridioStudio ListingPro listingpro allows PHP Local File Inclusion.This issue affects ListingPro: from n/a through 2.9.10...

8.1CVSS0.00344EPSS

Exploits0References1

CVE•added 2025/12/18 7:22 a.m.•7 views

CVE-2025-64223

CVE-2025-64223 affects the WordPress PenNews plugin/theme and is a PHP Local File Inclusion vulnerability caused by improper control of the filename for include/require. The issue affects PenNews versions older than 6.7.3. Metrics indicate a high-severity impact (CVSS 3.1: base score 8.1) with ne...

8.1CVSS6.7AI score0.00415EPSS

Exploits0References1

Cvelist•added 2025/12/18 7:22 a.m.•23 views

CVE-2025-64223 WordPress PenNews theme < 6.7.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PenciDesign PenNews pennews allows PHP Local File Inclusion.This issue affects PenNews: from n/a through 6.7.3...

8.1CVSS0.00415EPSS

Exploits0References1

Cvelist•added 2025/12/18 7:22 a.m.•26 views

CVE-2025-64205 WordPress Jannah theme <= 7.6.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from n/a through = 7.6.0...

8.1CVSS0.00344EPSS

Exploits0References1

Vulnrichment•added 2025/12/18 7:22 a.m.•1 views

CVE-2025-64205 WordPress Jannah theme <= 7.6.0 - Local File Inclusion vulnerability

8.1CVSS6.7AI score0.00344EPSS

Exploits0References1

CVE•added 2025/12/18 7:22 a.m.•11 views

CVE-2025-6326

CVE-2025-6326 affects WordPress Inset theme (and related Inset components) up to version 1.18.0, exposing a PHP Local File Inclusion via improper control of the filename for include/require. The vulnerability enables access to local files due to an insecure inclusion mechanism. The provided docum...

8.1CVSS6.7AI score0.00344EPSS

Exploits0References1

CVE•added 2025/12/18 7:22 a.m.•10 views

CVE-2025-60076

CVE-2025-60076 affects WordPress Ray Enterprise Translation plugin (lingotek-translation) ≤ 1.7.1. The issue is an Improper Control of Filename for Include/Require leading to PHP Local File Inclusion (RFI) via a PHP Remote File Inclusion pattern. Affected component: WordPress plugin code path han...

7.5CVSS5.9AI score0.00349EPSS

Exploits0References1

EUVD•added 2025/12/18 7:22 a.m.•1 views

EUVD-2025-204112

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jbhovik Ray Enterprise Translation lingotek-translation allows PHP Local File Inclusion.This issue affects Ray Enterprise Translation: from n/a through = 1.7.1...

7.5CVSS6.6AI score0.00349EPSS

Exploits0References2

Cvelist•added 2025/12/18 7:22 a.m.•28 views

CVE-2025-60078 WordPress Task Manager plugin <= 3.0.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Agence web Eoxia – Montpellier Task Manager task-manager allows PHP Local File Inclusion.This issue affects Task Manager: from n/a through = 3.0.2...

7.5CVSS0.00381EPSS

Exploits0References1

Vulnrichment•added 2025/12/18 7:22 a.m.•2 views

CVE-2025-60076 WordPress Ray Enterprise Translation plugin <= 1.7.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Jiro Sasamoto Ray Enterprise Translation lingotek-translation allows PHP Local File Inclusion.This issue affects Ray Enterprise Translation: from n/a through = 1.7.1...

7.5CVSS5.9AI score0.00349EPSS

Exploits0References1

CVE•added 2025/12/18 7:22 a.m.•6 views

CVE-2025-60072

CVE-2025-60072 affects the WordPress plugin Anchor smooth scroll, versions

8.1CVSS6.7AI score0.00415EPSS

Exploits0References1

CVE•added 2025/12/18 7:22 a.m.•7 views

CVE-2025-60071

CVE-2025-60071 describes a Local File Inclusion in the WordPress plugin/theme pair “Riode | Multi-Purpose WooCommerce” (WordPress/Riode) due to improper filename handling in include/require for PHP. Affected: Riode ≤ 1.6.23. The vulnerability enables PHP Local File Inclusion; impact and CVSS metr...

8.1CVSS5.9AI score0.00415EPSS

Exploits0References1

CVE•added 2025/12/18 7:22 a.m.•9 views

CVE-2025-60067

CVE-2025-60067 is a local/file inclusion vulnerability in the WordPress Giardino theme (versions <= 1.1.10). The issue is described as Improper Control of Filename for Include/Require Statement in PHP, enabling PHP Local File Inclusion. Affected product/component: WordPress Giardino theme; roo...

8.1CVSS6.7AI score0.00415EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/12/18 7:22 a.m.•3 views

CVE-2025-60069 WordPress MinimogWP theme <= 3.9.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove MinimogWP minimog allows PHP Local File Inclusion.This issue affects MinimogWP: from n/a through = 3.9.6...

8.1CVSS6.7AI score0.00415EPSS

Exploits0References1

Cvelist•added 2025/12/18 7:22 a.m.•24 views

CVE-2025-60069 WordPress MinimogWP theme <= 3.9.6 - Local File Inclusion vulnerability

8.1CVSS0.00415EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by