343 matches found
CVE-2026-28035
CVE-2026-28035: WordPress Printy theme
CVE-2026-28027 WordPress Kayon theme <= 1.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Kayon kayon allows PHP Local File Inclusion.This issue affects Kayon: from n/a through = 1.3...
CVE-2026-28022
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Foodie foodie allows PHP Local File Inclusion.This issue affects Foodie: from n/a through = 1.14...
CVE-2026-28016
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Luxury Wine luxury-wine allows PHP Local File Inclusion.This issue affects Luxury Wine: from n/a through = 1.1.14...
CVE-2026-27998 WordPress Vixus theme <= 1.0.16 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Vixus vixus allows PHP Local File Inclusion.This issue affects Vixus: from n/a through = 1.0.16...
CVE-2026-28009 WordPress DroneX theme <= 1.1.12 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX DroneX dronex allows PHP Local File Inclusion.This issue affects DroneX: from n/a through = 1.1.12...
CVE-2026-27995 WordPress Justitia theme <= 1.1.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Justitia justitia allows PHP Local File Inclusion.This issue affects Justitia: from n/a through = 1.1.0...
CVE-2026-27991 WordPress Avventure theme <= 1.1.12 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Avventure avventure allows PHP Local File Inclusion.This issue affects Avventure: from n/a through = 1.1.12...
CVE-2026-27988
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Equadio equadio allows PHP Local File Inclusion.This issue affects Equadio: from n/a through = 1.1.3...
CVE-2026-27337 WordPress Chronicle - Lifestyle Magazine & Blog WordPress Theme theme <= 1.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Chronicle - Lifestyle Magazine & Blog WordPress Theme chronicle allows PHP Local File Inclusion.This issue affects Chronicle - Lifestyle Magazine & Blog WordPress...
CVE-2026-22476 WordPress Etchy theme <= 1.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Etchy etchy allows PHP Local File Inclusion.This issue affects Etchy: from n/a through = 1.0...
CVE-2026-22446
CVE-2026-22446 affects WordPress theme Prowess (Select-Themes) up to version 1.8.1. Root cause: improper control of filename for include/require in PHP, enabling PHP Local File Inclusion. Impact: high-severity risk (LFI) per sources. Remediation: upgrade to a version later than 1.8.1 (vendor guid...
CVE-2026-22441 WordPress Zentrum theme <= 1.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Zentrum zentrum allows PHP Local File Inclusion.This issue affects Zentrum: from n/a through = 1.0...
CVE-2026-22436
CVE-2026-22436 describes an unauthenticated Local File Inclusion in the WordPress theme Helvig by Elated-Themes, affecting Helvig versions up to 1.0. The flaw arises from improper control of the filename used in PHP include/require statements (PHP Local File Inclusion). Public sources identify th...
CVE-2026-22405
CVE-2026-22405 describes an Local File Inclusion flaw in the Mikado-Themes Overton WordPress theme (versions up to and including 1.3). The issue stems from improper control of filenames for include/require statements in the PHP code, enabling an attacker to potentially access local files via PHP ...
CVE-2026-22397 WordPress Fleur theme <= 2.2.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Fleur fleur allows PHP Local File Inclusion.This issue affects Fleur: from n/a through = 2.2.1...
CVE-2026-22385 WordPress Wolmart theme <= 1.9.6 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in don-themes Wolmart wolmart allows PHP Local File Inclusion.This issue affects Wolmart: from n/a through = 1.9.6...
PT-2026-23393
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Anderson andersonclinic allows PHP Local File Inclusion.This issue affects Anderson: from n/a through = 1.4.2...
PT-2026-23150
Name of the Vulnerable Software and Affected Versions Mikado-Themes Aviana versions through 2.1 Description A flaw exists in Mikado-Themes Aviana that allows for PHP Local File Inclusion due to improper control of filename for include/require statements. This issue is related to PHP Remote File...
PT-2026-23332
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Peter Mason petermason allows PHP Local File Inclusion.This issue affects Peter Mason: from n/a through = 1.4.5...