571 matches found
CVE-2026-57795
CVE-2026-57795 affects the WordPress theme Kitchor (Themelexus) up to version
CVE-2026-57791
CVE-2026-57791 : Affected software is the WordPress Brook theme, <= 2.9.0. The issue is an improper validation/control of filenames in PHP include/require, enabling an PHP Local File Inclusion via a crafted filename. The NVD entry cites a CVSS v3.1 base score of 7.5 (HIGH) with network attack ...
CVE-2026-57800
Technical details about CVE-2026-57800 are not provided in the connected documents. The entries mention Local File Inclusion in Overworld theme
CVE-2026-57795 WordPress Kitchor theme <= 1.4.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themelexus Kitchor kitchor allows PHP Local File Inclusion.This issue affects Kitchor: from n/a through = 1.4.3...
CVE-2026-57796 WordPress Leedo theme <= 3.0.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in VLThemes Leedo leedo allows PHP Local File Inclusion.This issue affects Leedo: from n/a through = 3.0.0...
CVE-2026-57799 WordPress Nuss theme <= 1.3.6 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in uxper Nuss nuss allows PHP Local File Inclusion.This issue affects Nuss: from n/a through = 1.3.6...
CVE-2026-57798
CVE-2026-57798 affects the WordPress plugin NewsPlus Shortcodes (<= 4.2.0). The issue is described as an Improper Control of Filename for Include/Require Statement in PHP (PHP Remote File Inclusion) vulnerability that allows PHP Local File Inclusion (LFI) . Root cause: improper filename handli...
CVE-2026-57792
CVE-2026-57792 pertains to Mikado-Themes Dør dor (WordPress theme). It describes an Improper Control of Filename for Include/Require Statement in PHP, enabling Local File Inclusion (LFI) and labeled as a PHP Remote File Inclusion vulnerability. The issue affects Dør versions up to and including 2...
CVE-2026-57802 WordPress Struktur theme <= 2.5.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Struktur struktur allows PHP Local File Inclusion.This issue affects Struktur: from n/a through = 2.5.1...
CVE-2025-69369 WordPress Racquet theme <= 1.12.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Racquet allows PHP Local File Inclusion. This issue affects Racquet: from n/a through 1.12.0...
CVE-2025-69369
CVE-2025-69369 is a Local File Inclusion vulnerability in the WordPress theme Racquet (Racquet
CVE-2025-58897
The CVE-2025-58897 entry concerns the WordPress Fermentio theme (
CVE-2025-58707 WordPress Spin theme <= 1.8 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Spin allows PHP Local File Inclusion. This issue affects Spin: from n/a through 1.8...
EUVD-2026-33916
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes WaveRide allows PHP Local File Inclusion. This issue affects WaveRide: from n/a through 1.4...
CVE-2025-58024 WordPress Accordion FAQ Plugin <= 2.2.1 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in UnboundStudio Accordion FAQ allows PHP Local File Inclusion. This issue affects Accordion FAQ: from n/a through 2.2.1...
CVE-2026-39677
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativesPlanet Emphires emphires allows PHP Local File Inclusion.This issue affects Emphires: from n/a through = 3.9...
CVE-2025-5804
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Case Themes Case Theme User case-theme-user allows PHP Local File Inclusion.This issue affects Case Theme User: from n/a through 1.0.4...
CVE-2025-5804
CVE-2025-5804 affects the WordPress plugin Case Theme User (versions before 1.0.4). The issue is an Unauthenticated Local File Inclusion due to Improper Control of Filename for Include/Require Statement in PHP, enabling LFI in Case Theme User prior to 1.0.4. Public references from Patchstack/Word...
EUVD-2026-20202
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themeStek LabtechCO labtechco allows PHP Local File Inclusion.This issue affects LabtechCO: from n/a through = 8.3...
CVE-2026-39684
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in UnTheme OrganicFood organicfood allows PHP Local File Inclusion.This issue affects OrganicFood: from n/a through = 3.6.4...