8812 matches found
CVE-2025-53207 WordPress WP Travel Gutenberg Blocks plugin <= 3.9.0 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Travel WP Travel Gutenberg Blocks wp-travel-blocks allows PHP Local File Inclusion.This issue affects WP Travel Gutenberg Blocks: from n/a through = 3.9.0...
CVE-2025-53210 WordPress ZoloBlocks Plugin <= 2.3.2 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in bdthemes ZoloBlocks zoloblocks allows PHP Local File Inclusion.This issue affects ZoloBlocks: from n/a through = 2.3.2...
CVE-2025-53210 WordPress ZoloBlocks Plugin <= 2.3.2 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in bdthemes ZoloBlocks zoloblocks allows PHP Local File Inclusion.This issue affects ZoloBlocks: from n/a through = 2.3.2...
CVE-2025-53567 WordPress Ghost Kit <= 3.4.1 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in nK Ghost Kit ghostkit allows PHP Local File Inclusion.This issue affects Ghost Kit: from n/a through = 3.4.1...
CVE-2025-53565 WordPress Widget for Google Reviews <= 1.0.15 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Widget for Google Reviews business-reviews-wp allows PHP Local File Inclusion.This issue affects Widget for Google Reviews: from n/a through = 1.0.15...
CVE-2025-53567 WordPress Ghost Kit <= 3.4.1 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in nK Ghost Kit allows PHP Local File Inclusion. This issue affects Ghost Kit: from n/a through 3.4.1...
CVE-2025-54017 WordPress Paid Member Subscriptions <= 2.15.4 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Cozmoslabs Paid Member Subscriptions allows PHP Local File Inclusion. This issue affects Paid Member Subscriptions: from n/a through 2.15.4...
CVE-2025-54028 WordPress CF7 WOW Styler Plugin <= 1.7.2 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Saleswonder Team: Tobias CF7 WOW Styler cf7-styler allows PHP Local File Inclusion.This issue affects CF7 WOW Styler: from n/a through = 1.7.2...
CVE-2025-54028 WordPress CF7 WOW Styler Plugin <= 1.7.2 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Saleswonder Team Tobias CF7 WOW Styler allows PHP Local File Inclusion. This issue affects CF7 WOW Styler: from n/a through 1.7.2...
CVE-2025-54031
CVE-2025-54031 is a PHP Local File Inclusion in WordPress Support Board, caused by improper control of filename for include/require statements. Affected: Support Board versions through 3.8.0. Impact: PHP LFI leading to access to local files; CVSS metrics indicate HIGH severity. Remediation: a fix...
CVE-2025-54034 WordPress Newsletters plugin <= 4.10 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Tribulant Software Newsletters newsletters-lite allows PHP Local File Inclusion.This issue affects Newsletters: from n/a through = 4.10...
CVE-2025-54034
CVE-2025-54034 corresponds to a Local File Inclusion in WordPress Newsletters (Tribulant Software Newsletters) up to version 4.10. The issue arises from improper control of the filename used in include/require, enabling local file inclusion. CVSS v3.1 base score 7.5 (HIGH) with attack vector NETW...
CVE-2025-54750 WordPress Funnel Builder by FunnelKit Plugin <= 3.11.1 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Aman Funnel Builder by FunnelKit funnel-builder allows PHP Local File Inclusion.This issue affects Funnel Builder by FunnelKit: from n/a through = 3.11.1...
Linux Distros Unpatched Vulnerability : CVE-2021-43302
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Read out-of-bounds in PJSUA API when calling pjsuarecordercreate. An attacker-controlled 'filename' argument may cause an out-of-bounds read when the filename i...
PT-2025-33916 · Michele Giorgi · Formality
Name of the Vulnerable Software and Affected Versions: Formality versions n/a through 1.5.9 Description: An improper control of filename for include/require statement exists in Michele Giorgi Formality, allowing for PHP Local File Inclusion. Recommendations: Update Formality to a version later th...
PT-2025-33919 · Caliris +1 · Caliris +1
Name of the Vulnerable Software and Affected Versions: Caliris versions not specified through 1.5 Description: This issue involves an improper control of filename for include/require statements in PHP programs, specifically a PHP Local File Inclusion in CocoBasic Caliris. Recommendations: At the...
PT-2025-33987 · Unknown · Nk Ghost Kit
Name of the Vulnerable Software and Affected Versions: nK Ghost Kit versions through 3.4.1 Description: This issue involves improper control of filename handling for Include/Require statements in PHP programs, specifically a PHP Remote File Inclusion vulnerability that allows for PHP Local File...
PT-2025-33930 · WordPress · Seopress For Mainwp
Name of the Vulnerable Software and Affected Versions: SEOPress for MainWP versions through 1.4 Description: This issue involves improper control of filename handling for include/require statements in the PHP program, leading to a PHP Local File Inclusion. Recommendations: Update SEOPress for...
WordPress plugin Ghost Kit 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress plugin Cena Store 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...