254 matches found
CVE-2023-22960
Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency...
CVE-2023-23645
Improper Control of Generation of Code 'Code Injection' vulnerability in MainWP MainWP Code Snippets Extension allows Code Injection.This issue affects MainWP Code Snippets Extension: from n/a through 4.0.2...
PT-2025-22713 · Nasa Core · Nasa Core
Name of the Vulnerable Software and Affected Versions: Nasa Core versions through 6.3.2 Description: The issue affects Nasa Core due to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', allowing PHP Local File Inclusion...
CVE-2025-26735
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Candid themes Grip.This issue affects Grip: from n/a through 1.0.9...
PT-2025-21701 · Nasa Core · Nasa Core
Name of the Vulnerable Software and Affected Versions: Nasa Core versions through 6.3.2 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion...
CVE-2025-47531 WordPress XT Event Widget for Social Events plugin <= 1.1.7 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes XT Event Widget for Social Events xt-facebook-events allows PHP Local File Inclusion.This issue affects XT Event Widget for Social Events: from n/a through = 1.1.7...
CVE-2025-47439 WordPress Download Monitor plugin <= 5.0.22 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Chill Download Monitor download-monitor allows PHP Local File Inclusion.This issue affects Download Monitor: from n/a through = 5.0.22...
CVE-2025-2421
Improper Control of Generation of Code 'Code Injection' vulnerability in Profelis Informatics SambaBox allows Code Injection.This issue affects SambaBox: before 5.1...
CVE-2025-39526
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in nicdark Hotel Booking nd-booking allows PHP Local File Inclusion.This issue affects Hotel Booking: from n/a through = 3.6...
CVE-2025-39378
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light excel-like-price-change-for-woocommerce-and-wp-e-commerce-light allows PHP Local File...
CVE-2025-39429 WordPress Széchenyi 2020 Logo <= 1.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Földesi, Mihály Széchenyi 2020 Logo szechenyi-2020-logo allows PHP Local File Inclusion.This issue affects Széchenyi 2020 Logo: from n/a through = 1.1...
CVE-2025-0756
Hitachi Vantara Pentaho Data Integration & Analytics versions prior to 10.2.0.2 (including 9.3.x and 8.3.x) do not restrict JNDI identifiers when creating platform data sources, enabling untrusted input to be used as resource identifiers. This can lead to access to, or modification of, sensitive ...
PT-2025-16317 · Unknown · Notfound Coming Soon
Name of the Vulnerable Software and Affected Versions: NotFound Coming Soon, Maintenance Mode versions n/a through 1.1.1 Description: The issue is related to Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This...
CVE-2025-32614
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Ashan Perera EventON eventon-lite allows PHP Local File Inclusion.This issue affects EventON: from n/a through = 2.4...
Palo Alto Networks Prisma Access Browser 安全漏洞
Palo Alto Networks Prisma Access Browser is an enterprise security browser from Palo Alto Networks, USA. A security vulnerability exists in Palo Alto Networks Prisma Access Browser that stems from improper control behavior...
CVE-2025-32692
CVE-2025-32692: WP Subscription Forms (WordPress) =1.2.4) or apply vendor fix; monitor for advisories.
CVE-2025-32156 WordPress Just Post Preview Widget plugin <= 1.1.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Alex Prokopenko / JustCoded Just Post Preview Widget just-post-preview allows PHP Local File Inclusion.This issue affects Just Post Preview Widget: from n/a through = 1.1.1...
PT-2025-11362
Name of the Vulnerable Software and Affected Versions: Ohio Extra versions n/a through 3.4.7 Description: The issue is related to an Improper Control of Generation of Code, also known as 'Code Injection', which allows for code injection in Ohio Extra. Recommendations: For versions n/a through...
CVE-2025-26933
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Nitin Prakash WC Place Order Without Payment wc-place-order-without-payment allows PHP Local File Inclusion.This issue affects WC Place Order Without Payment: from n/a through =...
CVE-2024-56051
Improper Control of Generation of Code 'Code Injection' vulnerability in VibeThemes WPLMS wplmsplugin allows Code Injection.This issue affects WPLMS: from n/a through 1.9.9.5...