Lucene search
+L

8987 matches found

NVD
NVD
added 5 days ago4 views

CVE-2026-57743

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows PHP Local File Inclusion.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

8.1CVSS0.00415EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-22102 Arbitrary file overwrite through certificate update functionality

A POST request sent to a specific webserver endpoint can be used to write to arbitrary file locations. The endpoint accepts the filename parameter in the Content-Disposition header without verification. This can be used to cause a denial of service by overwriting system files, or...

9.3CVSS0.00431EPSS
Exploits0References1
CVE
CVE
added 5 days ago12 views

CVE-2026-22102

CVE-2026-22102 describes an issue where a POST request to a specific webserver endpoint can write to arbitrary file locations. The filename parameter is taken from the Content-Disposition header without verification, enabling: Denial of service by overwriting system files Potential remote code ex...

9.3CVSS6.3AI score0.00431EPSS
Exploits0References1
CVE
CVE
added 5 days ago14 views

CVE-2026-57795

CVE-2026-57795 affects the WordPress theme Kitchor (Themelexus) up to version

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
CVE
CVE
added 5 days ago13 views

CVE-2026-57793

CVE-2026-57793 affects the Flow WordPress theme by Elated-Themes. The issue is an improper filename control in Include/Require statements, resulting in a PHP Local File Inclusion (LFI). Affected versions are Flow:

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
CVE
CVE
added 5 days ago15 views

CVE-2026-57803

CVE-2026-57803 describes a PHP Local File Inclusion vulnerability in Struktur Core (struktur-core) for WordPress, arising from improper handling of filenames in Include/Require statements. The issue affects Struktur Core versions from n/a up to and including 2.5.1 and enables a potential remote a...

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
CVE
CVE
added 5 days ago16 views

CVE-2026-57801

Technical details are not publicly available in the provided documents for CVE-2026-57801. Monitor for updates.

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
CVE
CVE
added 5 days ago16 views

CVE-2026-57790

CVE-2026-57790 is linked to the WordPress/ThemeMove Billey billey theme with a Local File Inclusion flaw triggered by improper control of filenames in PHP include/require. Affected: Billey versions up to and including 2.1.8 (no public details on fixed versions are provided in the documents). The ...

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
CVE
CVE
added 5 days ago15 views

CVE-2026-57805

CVE-2026-57805 impact: WordPress theme Tonda (Select-Themes)

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
CVE
CVE
added 5 days ago13 views

CVE-2026-57800

Technical details about CVE-2026-57800 are not provided in the connected documents. The entries mention Local File Inclusion in Overworld theme

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-57802 WordPress Struktur theme <= 2.5.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Struktur struktur allows PHP Local File Inclusion.This issue affects Struktur: from n/a through = 2.5.1...

7.5CVSS0.00496EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-57788 WordPress Aalto theme <= 1.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Aalto aalto allows PHP Local File Inclusion.This issue affects Aalto: from n/a through = 1.8...

7.5CVSS0.00496EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago27 views

CVE-2026-57790 WordPress Billey theme <= 2.1.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Billey billey allows PHP Local File Inclusion.This issue affects Billey: from n/a through = 2.1.8...

7.5CVSS0.00496EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago29 views

CVE-2026-57799 WordPress Nuss theme <= 1.3.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in uxper Nuss nuss allows PHP Local File Inclusion.This issue affects Nuss: from n/a through = 1.3.6...

7.5CVSS0.00496EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago28 views

CVE-2026-57793 WordPress Flow theme <= 1.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Flow flow allows PHP Local File Inclusion.This issue affects Flow: from n/a through = 1.8...

7.5CVSS0.00496EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago28 views

CVE-2026-57796 WordPress Leedo theme <= 3.0.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in VLThemes Leedo leedo allows PHP Local File Inclusion.This issue affects Leedo: from n/a through = 3.0.0...

7.5CVSS0.00496EPSS
Exploits0References1
CVE
CVE
added 5 days ago17 views

CVE-2026-57798

CVE-2026-57798 affects the WordPress plugin NewsPlus Shortcodes (&lt;= 4.2.0). The issue is described as an Improper Control of Filename for Include/Require Statement in PHP (PHP Remote File Inclusion) vulnerability that allows PHP Local File Inclusion (LFI) . Root cause: improper filename handli...

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
CVE
CVE
added 5 days ago13 views

CVE-2026-57792

CVE-2026-57792 pertains to Mikado-Themes Dør dor (WordPress theme). It describes an Improper Control of Filename for Include/Require Statement in PHP, enabling Local File Inclusion (LFI) and labeled as a PHP Remote File Inclusion vulnerability. The issue affects Dør versions up to and including 2...

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
CVE
CVE
added 5 days ago14 views

CVE-2026-57789

Technical details about CVE-2026-57789 are not publicly available in the provided documents; please monitor for updates.

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
CVE
CVE
added 5 days ago16 views

CVE-2026-57791

CVE-2026-57791 : Affected software is the WordPress Brook theme, &lt;= 2.9.0. The issue is an improper validation/control of filenames in PHP include/require, enabling an PHP Local File Inclusion via a crafted filename. The NVD entry cites a CVSS v3.1 base score of 7.5 (HIGH) with network attack ...

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
Rows per page
Query Builder