Lucene search
K

343 matches found

NVD
NVD
added yesterday5 views

CVE-2026-57800

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Overworld overworld allows PHP Local File Inclusion.This issue affects Overworld: from n/a through = 1.5...

7.5CVSS0.00496EPSS
Exploits0References1
NVD
NVD
added yesterday7 views

CVE-2026-57799

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in uxper Nuss nuss allows PHP Local File Inclusion.This issue affects Nuss: from n/a through = 1.3.6...

7.5CVSS0.00496EPSS
Exploits0References1
NVD
NVD
added yesterday7 views

CVE-2026-57792

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Dør dor allows PHP Local File Inclusion.This issue affects Dør: from n/a through = 2.4.1...

7.5CVSS0.00496EPSS
Exploits0References1
CVE
CVE
added yesterday14 views

CVE-2026-57788

CVE-2026-57788 describes an improper filename control in the Edge-Themes Aalto WordPress theme (Aalto

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
CVE
CVE
added yesterday12 views

CVE-2026-57791

CVE-2026-57791 : Affected software is the WordPress Brook theme, <= 2.9.0. The issue is an improper validation/control of filenames in PHP include/require, enabling an PHP Local File Inclusion via a crafted filename. The NVD entry cites a CVSS v3.1 base score of 7.5 (HIGH) with network attack ...

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday11 views

CVE-2026-57802 WordPress Struktur theme <= 2.5.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Struktur struktur allows PHP Local File Inclusion.This issue affects Struktur: from n/a through = 2.5.1...

7.5CVSS0.00496EPSS
Exploits0References1
OSV
OSV
added 2026/07/02 8:4 p.m.3 views

CVE-2026-58467 Cockpit CMS 2.14.0 - Path Traversal Local File Inclusion via index.php

Cockpit CMS through 2.14.0 contains a path traversal and local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files or execute PHP files by including unvalidated PATHINFO derived from REQUESTURI in filesystem path construction without containment checks...

8.2CVSS6.2AI score0.00406EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/02 1:50 p.m.9 views

CVE-2025-69369 WordPress Racquet theme <= 1.12.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Racquet allows PHP Local File Inclusion. This issue affects Racquet: from n/a through 1.12.0...

8.1CVSS5.8AI score0.00327EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/02 1:48 p.m.42 views

CVE-2025-58707 WordPress Spin theme <= 1.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Spin allows PHP Local File Inclusion. This issue affects Spin: from n/a through 1.8...

8.1CVSS0.00337EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/02 12:39 p.m.9 views

CVE-2026-39552 WordPress Blueprint theme < 1.1.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Code Supply Co. Blueprint allows PHP Local File Inclusion. This issue affects Blueprint: from n/a before 1.1.5...

8.1CVSS5.8AI score0.00334EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/14 7:23 p.m.5 views

CVE-2026-39544

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themeStek LabtechCO labtechco allows PHP Local File Inclusion.This issue affects LabtechCO: from n/a through = 8.3...

7.5CVSS5.8AI score0.00381EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/13 7:22 p.m.7 views

CVE-2025-58913

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CactusThemes VideoPro videopro allows PHP Local File Inclusion.This issue affects VideoPro: from n/a through = 2.3.8.1...

8.1CVSS5.8AI score0.00466EPSS
Exploits0References1
NVD
NVD
added 2026/04/10 2:16 p.m.6 views

CVE-2025-58913

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CactusThemes VideoPro videopro allows PHP Local File Inclusion.This issue affects VideoPro: from n/a through = 2.3.8.1...

8.1CVSS0.00466EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/04/10 1:46 p.m.199 views

Exploit for Code Injection in Backupbliss Backup_Migration

🔥 CVE-2023-6553 — WordPress Backup Migration RCE Unauthen...

9.8CVSS7.8AI score0.97846EPSS
Exploits14
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.6 views

PT-2026-31913

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Case Themes Case Theme User allows PHP Local File Inclusion.This issue affects Case Theme User: from n/a before 1.0.4...

7.5CVSS5.8AI score0.00392EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/08 8:30 a.m.24 views

CVE-2026-39679 WordPress Freeio theme <= 1.3.21 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ApusTheme Freeio freeio allows PHP Local File Inclusion.This issue affects Freeio: from n/a through = 1.3.21...

7.5CVSS0.00381EPSS
Exploits0References1
CVE
CVE
added 2026/04/08 8:30 a.m.8 views

CVE-2026-39679

CVE-2026-39679 is a local file inclusion (LFI) in the WordPress Freeio/ApusTheme Freeio plugin/theme. Affected: Freeio versions up to and including 1.3.21 (and related Freeio/Freeio themes referenced in Red Hat/EUVD records and CVE listings). Root cause: improper control of filenames for include/...

7.5CVSS5.9AI score0.00381EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/08 8:30 a.m.23 views

CVE-2026-39613 WordPress Boutique theme <= 2.3.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through = 2.3.3...

7.5CVSS0.00381EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/08 8:30 a.m.3 views

CVE-2026-39538

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Mikado Core mikado-core allows PHP Local File Inclusion.This issue affects Mikado Core: from n/a through = 1.6...

5.9AI score0.00381EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/31 10:22 p.m.6 views

baserCMS has Unsafe File Upload Leading to Remote Code Execution (RCE)

Details The application's restore function allows users to upload a .zip file, which is then automatically extracted. A PHP file inside the archive is included using requireonce without validating or restricting the filename. An attacker can craft a malicious PHP file within the zip and achieve...

8.7CVSS6.5AI score0.00577EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder