CVE-2025-60190

CVE-2025-60190 concerns the Immocaster WordPress Plugin (versions <= 1.3.6). The issue is an improper control of the filename used in include/require statements, enabling PHP Local File Inclusion. Affected component: Immocaster WordPress Plugin immocaster; root cause is uncontrolled filename h...

CVE-2025-60191 WordPress Premmerce Wishlist for WooCommerce plugin <= 1.1.10 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Premmerce Premmerce Wishlist for WooCommerce premmerce-woocommerce-wishlist allows PHP Local File Inclusion.This issue affects Premmerce Wishlist for WooCommerce: from n/a throug...

CVE-2025-60190 WordPress Immocaster WordPress Plugin plugin <= 1.3.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Hinnerk Altenburg Immocaster WordPress Plugin immocaster allows PHP Local File Inclusion.This issue affects Immocaster WordPress Plugin: from n/a through = 1.3.6...

CVE-2025-60074

CVE-2025-60074 affects the WordPress Lazy Load Optimizer plugin (

CVE-2025-60074 WordPress Lazy Load Optimizer plugin <= 1.4.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Processby Lazy Load Optimizer lazy-load-optimizer allows PHP Local File Inclusion.This issue affects Lazy Load Optimizer: from n/a through = 1.4.7...

CVE-2025-58995

CVE-2025-58995 affects the WordPress Leblix theme (&lt;= 2.4) with an improper control of filenames in Include/Require, enabling Local File Inclusion. Public descriptions confirm vulnerability in Leblix

CVE-2025-58995 WordPress Leblix Theme <= 2.4 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativesPlanet Leblix leblix allows PHP Local File Inclusion.This issue affects Leblix: from n/a through = 2.4...

CVE-2025-58995 WordPress Leblix Theme <= 2.4 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativesPlanet Leblix leblix allows PHP Local File Inclusion.This issue affects Leblix: from n/a through = 2.4...

CVE-2025-58994 WordPress Greenify theme <= 2.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in designervily Greenify greenify allows PHP Local File Inclusion.This issue affects Greenify: from n/a through = 2.2...

CVE-2025-53252

CVE-2025-53252 concerns WordPress Zegen Theme

CVE-2025-53252 WordPress Zegen Theme <= 1.1.9 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in zozothemes Zegen zegen allows PHP Local File Inclusion.This issue affects Zegen: from n/a through = 1.1.9...

CVE-2025-48330 WordPress Real Time Validation for Gravity Forms <= 1.7.0 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Daman Jeet Real Time Validation for Gravity Forms real-time-validation-for-gravity-forms allows PHP Local File Inclusion.This issue affects Real Time Validation for Gravity Forms...

EUVD-2025-38016

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Daman Jeet Real Time Validation for Gravity Forms real-time-validation-for-gravity-forms allows PHP Local File Inclusion.This issue affects Real Time Validation for Gravity Forms...

CVE-2025-48290 WordPress Kinsley theme <= 3.4.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in bslthemes Kinsley kinsley allows PHP Local File Inclusion.This issue affects Kinsley: from n/a through = 3.4.4...

CVE-2025-48290 WordPress Kinsley theme <= 3.4.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in bslthemes Kinsley kinsley allows PHP Local File Inclusion.This issue affects Kinsley: from n/a through = 3.4.4...

CVE-2025-39468 WordPress Modal Survey plugin <= 2.0.2.0.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in pantherius Modal Survey modal-survey.This issue affects Modal Survey: from n/a through = 2.0.2.0.1...

CVE-2025-39466 WordPress Dør theme <= 2.4 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Dør dor allows PHP Local File Inclusion.This issue affects Dør: from n/a through = 2.4...

CVE-2025-39466 WordPress Dør theme <= 2.4 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Dør dor allows PHP Local File Inclusion.This issue affects Dør: from n/a through = 2.4...

CVE-2025-39463

CVE-2025-39463 is a WordPress Dessau theme local-file-inclusion vulnerability. Connected sources confirm an improper control of filenames for include/require leading to PHP Local File Inclusion in Dessau, affecting versions earlier than 1.9. The issue is documented as an LFI vulnerability in the ...

CVE-2025-39463 WordPress Dessau theme < 1.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Dessau dessau allows PHP Local File Inclusion.This issue affects Dessau: from n/a through 1.9...