CVE-2026-39552 WordPress Blueprint theme < 1.1.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Code Supply Co. Blueprint allows PHP Local File Inclusion. This issue affects Blueprint: from n/a before 1.1.5...

CVE-2026-48972

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SeedProd LLC SeedProd Pro allows PHP Local File Inclusion. This issue affects SeedProd Pro: from n/a before 6.19.5...

CVE-2025-58913

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CactusThemes VideoPro videopro allows PHP Local File Inclusion.This issue affects VideoPro: from n/a through = 2.3.8.1...

CVE-2026-27047

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Curly Core curly-core allows PHP Local File Inclusion.This issue affects Curly Core: from n/a through = 2.1.6...

CVE-2026-22496

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Hypnotherapy hypnotherapy allows PHP Local File Inclusion.This issue affects Hypnotherapy: from n/a through = 1.2.10...

EUVD-2026-15777

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Belfort belfort allows PHP Local File Inclusion.This issue affects Belfort: from n/a through = 1.0...

CVE-2026-25458

CVE-2026-25458 affects Moments (WordPress theme) up to version 2.2. The issue is an improper control of filename for include/require statements in PHP, effectively a PHP Remote File Inclusion that enables Local File Inclusion. According to Wordfence, this vulnerability is currently Unpatched; CVS...

CVE-2026-22509

CVE-2026-22509 is a WordPress Gioia theme vulnerability (

CVE-2026-22494 WordPress Good Homes theme <= 1.3.13 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Good Homes good-homes allows PHP Local File Inclusion.This issue affects Good Homes: from n/a through = 1.3.13...

PT-2026-27830

Name of the Vulnerable Software and Affected Versions Elated-Themes Gioia versions n/a through 1.4 Description The software contains a flaw due to improper control of filename handling for include/require statements. This results in a PHP Remote File Inclusion issue, specifically allowing PHP Loc...

CVE-2026-32392

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativesPlanet Greenly greenly allows PHP Local File Inclusion.This issue affects Greenly: from n/a through = 8.1...

CVE-2026-27336

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Consultor | Consulting, Accounting & Legal Counsel WordPress Theme consultor allows PHP Local File Inclusion.This issue affects Consultor | Consulting, Accounting &...

CVE-2026-28018

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Global Logistics globallogistics allows PHP Local File Inclusion.This issue affects Global Logistics: from n/a through = 3.20...

CVE-2026-28094

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX RexCoin rexcoin allows PHP Local File Inclusion.This issue affects RexCoin: from n/a through = 1.2.6...

CVE-2026-28067

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Bassein bassein allows PHP Local File Inclusion.This issue affects Bassein: from n/a through = 1.0.15...

CVE-2026-22405

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Overton overton allows PHP Local File Inclusion.This issue affects Overton: from n/a through = 1.3...

CVE-2026-28123

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Veil veil allows PHP Local File Inclusion.This issue affects Veil: from n/a through = 1.9...

CVE-2026-27336

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Consultor | Consulting, Accounting & Legal Counsel WordPress Theme consultor allows PHP Local File Inclusion.This issue affects Consultor | Consulting, Accounting &...

CVE-2026-28120 WordPress Dr.Patterson theme <= 1.3.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Dr.Patterson dr-patterson allows PHP Local File Inclusion.This issue affects Dr.Patterson: from n/a through = 1.3.2...

CVE-2026-28087 WordPress Filmax theme <= 1.1.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Filmax filmax allows PHP Local File Inclusion.This issue affects Filmax: from n/a through = 1.1.11...