8791 matches found
CVE-2025-62054 WordPress Houzez Theme - Functionality plugin <= 4.1.8 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through = 4.1.8...
CVE-2025-62054
CVE-2025-62054 affects the Houzez Theme - Functionality plugin for WordPress (versions up to 4.1.8). The vulnerability is Local File Inclusion due to improper control of the filename in include/require statements (PHP Remote File Inclusion). Wordfence and Patchstack reference this as a LFI issue ...
CVE-2025-62029
CVE-2025-62029 is an unauthenticated Local File Inclusion in the WordPress Grevo theme (
CVE-2025-62029 WordPress Grevo theme <= 2.4 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themesion Grevo grevo.This issue affects Grevo: from n/a through = 2.4...
CVE-2025-59564 WordPress EduMall Theme < 4.4.5 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove EduMall edumall allows PHP Local File Inclusion.This issue affects EduMall: from n/a through 4.4.5...
CVE-2025-59564
The CVE describes a PHP Local File Inclusion in WordPress EduMall Theme prior to version 4.4.5 caused by improper control of the filename in an include/require statement. Affected product: WordPress EduMall Theme
CVE-2025-59564 WordPress EduMall Theme < 4.4.5 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove EduMall edumall allows PHP Local File Inclusion.This issue affects EduMall: from n/a through 4.4.5...
CVE-2025-59550
CVE-2025-59550 is a WordPress theme vulnerability in designervily Xcare (Xcare) where an improper control of the filename used by include/require enables a PHP Local File Inclusion (LFI). Affected product: WordPress theme Xcare
CVE-2025-59555
CVE-2025-59555 concerns the WordPress Medizin theme (ThemeMove Medizin medizin) with a Local File Inclusion vulnerability due to improper control of the filename in include/require statements. Affects Medizin versions before 1.9.7. Root cause is PHP filename handling allowing access to unauthoriz...
CVE-2025-59558 WordPress Billey Theme < 2.1.6 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Billey billey allows PHP Local File Inclusion.This issue affects Billey: from n/a through 2.1.6...
CVE-2025-59555 WordPress Medizin Theme < 1.9.7 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Medizin medizin allows PHP Local File Inclusion.This issue affects Medizin: from n/a through 1.9.7...
CVE-2025-59550 WordPress Xcare theme < 6.5 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in designervily Xcare xcare allows PHP Local File Inclusion.This issue affects Xcare: from n/a through 6.5...
CVE-2025-58967 WordPress Businext theme < 2.4.4 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Businext businext allows PHP Local File Inclusion.This issue affects Businext: from n/a through 2.4.4...
CVE-2025-58967 WordPress Businext theme < 2.4.4 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Businext businext allows PHP Local File Inclusion.This issue affects Businext: from n/a through 2.4.4...
CVE-2025-58967
The CVE-2025-58967 affects WordPress Businext theme/plugin Businext prior to version 2.4.4. The vulnerability is a PHP Local File Inclusion caused by improper control of filenames for include/require statements. Impact per sources indicates potential exposure of local files, with CVSS 3.1 base sc...
CVE-2025-58958 WordPress SmilePure Theme < 1.8.5 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove SmilePure smilepure allows PHP Local File Inclusion.This issue affects SmilePure: from n/a through 1.8.5...
CVE-2025-58958 WordPress SmilePure Theme < 1.8.5 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove SmilePure smilepure allows PHP Local File Inclusion.This issue affects SmilePure: from n/a through 1.8.5...
CVE-2025-58955
CVE-2025-58955 is a WordPress Theme vulnerability in Karzo (versions before 2.6) caused by improper control of filenames in include/require statements, leading to PHP Local File Inclusion (LFI). The impact is described as PHP Local File Inclusion with high risk (CVSS 3.1 base score 8.1). Multiple...
CVE-2025-58955 WordPress Karzo theme < 2.6 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in designervily Karzo karzo allows PHP Local File Inclusion.This issue affects Karzo: from n/a through 2.6...
CVE-2025-49935 WordPress WoodMart theme < 8.3.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in xtemos WoodMart woodmart allows PHP Local File Inclusion.This issue affects WoodMart: from n/a through 8.3.2...