8777 matches found
CVE-2025-60069
CVE-2025-60069 concerns the WordPress MinimogWP theme (minimog) up to version 3.9.6. The issue is an improper control of filenames for include/require statements, enabling PHP Local File Inclusion (LFI) via the theme’s code. The vulnerability is described as a PHP Local File Inclusion in MinimogW...
CVE-2025-60064
CVE-2025-60064 describes a PHP Local File Inclusion in the WordPress Renewal theme (versions <= 1.2.2) due to improper control of filenames for include/require. The issue affects Renewal; CVSS 3.1 base score 8.1 (HIGH) with network attack vector, no privileges required, user interaction requir...
CVE-2025-60066
CVE-2025-60066 affects the WordPress Katelyn theme ≤ 1.0.10. The issue is an improper control of filenames for Include/Require in PHP, enabling Local File Inclusion. The description consistently specifies this vulnerability as a Local File Inclusion risk in Katelyn and does not provide exploitati...
CVE-2025-60063 WordPress Rosalinda theme <= 1.2.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Rosalinda rosalinda allows PHP Local File Inclusion.This issue affects Rosalinda: from n/a through = 1.2.3...
CVE-2025-60066 WordPress Katelyn theme <= 1.0.10 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Katelyn katelyn allows PHP Local File Inclusion.This issue affects Katelyn: from n/a through = 1.0.10...
CVE-2025-60066 WordPress Katelyn theme <= 1.0.10 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Katelyn katelyn allows PHP Local File Inclusion.This issue affects Katelyn: from n/a through = 1.0.10...
CVE-2025-60065 WordPress Pinevale theme <= 1.0.14 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Pinevale pinevale allows PHP Local File Inclusion.This issue affects Pinevale: from n/a through = 1.0.14...
CVE-2025-60064 WordPress Renewal theme <= 1.2.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Renewal renewal allows PHP Local File Inclusion.This issue affects Renewal: from n/a through = 1.2.2...
EUVD-2025-204122
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Rosalinda rosalinda allows PHP Local File Inclusion.This issue affects Rosalinda: from n/a through = 1.2.3...
CVE-2025-60060
CVE-2025-60060 pertains to a PHP Local File Inclusion in the WordPress Pubzinne theme (versions up to and including 1.0.12). The root cause is improper control of filenames for include/require statements, enabling local file inclusion through the plugin/theme code. Affected product: Pubzinne Word...
CVE-2025-60057
CVE-2025-60057 corresponds to a Local File Inclusion vulnerability in the WordPress DJ Rainflow theme (
CVE-2025-60061 WordPress Kicker theme <= 2.2.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Kicker kicker allows PHP Local File Inclusion.This issue affects Kicker: from n/a through = 2.2.0...
CVE-2025-60060 WordPress Pubzinne theme <= 1.0.12 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Pubzinne pubzinne allows PHP Local File Inclusion.This issue affects Pubzinne: from n/a through = 1.0.12...
CVE-2025-60058 WordPress DetailX theme <= 1.10.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes DetailX detailx allows PHP Local File Inclusion.This issue affects DetailX: from n/a through = 1.10.0...
CVE-2025-60057 WordPress DJ Rainflow theme <= 1.3.13 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes DJ Rainflow dj-rainflow allows PHP Local File Inclusion.This issue affects DJ Rainflow: from n/a through = 1.3.13...
CVE-2025-60061 WordPress Kicker theme <= 2.2.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Kicker kicker allows PHP Local File Inclusion.This issue affects Kicker: from n/a through = 2.2.0...
CVE-2025-60058 WordPress DetailX theme <= 1.10.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes DetailX detailx allows PHP Local File Inclusion.This issue affects DetailX: from n/a through = 1.10.0...
CVE-2025-60058
The CVE is linked to WordPress DetailX theme versions up to 1.10.0, with a Local File Inclusion (LFI) risk caused by improper control of filenames in PHP include/require statements. Affected software: DetailX detailx (WordPress plugin/theme) <= 1.10.0. Root cause: improper filename handling en...
CVE-2025-60052
The CVE-2025-60052 entry concerns a Local File Inclusion in the WordPress W&D theme (W&D)
CVE-2025-60053
The CVE-2025-60053 entry describes a Local File Inclusion (LFI) vulnerability in the WordPress MaxCube theme/plugin (MaxCube maxcube) caused by improper control of filenames for include/require in PHP. Affected versions are MaxCube up to and including 1.3.1; no explicit fix/version is provided in...