CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD-2026-3932

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Yolox yolox allows PHP Local File Inclusion.This issue affects Yolox: from n/a through = 1.0.15...

EUVD-2026-3901

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Piqes piqes allows PHP Local File Inclusion.This issue affects Piqes: from n/a through = 1.0.11...

EUVD•added 2026/01/22 4:52 p.m.•30 views

EUVD-2026-3933

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Indoor Plants indoor-plants allows PHP Local File Inclusion.This issue affects Indoor Plants: from n/a through = 1.2.7...

EUVD-2026-3912

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Pets Land petsland allows PHP Local File Inclusion.This issue affects Pets Land: from n/a through = 1.2.8...

EUVD-2026-3909

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes PartyMaker partymaker allows PHP Local File Inclusion.This issue affects PartyMaker: from n/a through = 1.1.15...

EUVD-2026-3951

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Töbel tobel allows PHP Local File Inclusion.This issue affects Töbel: from n/a through = 1.6...

EUVD-2026-3960

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebGeniusLab iRecco Core irecco-core allows PHP Local File Inclusion.This issue affects iRecco Core: from n/a through = 1.3.6...

EUVD-2026-3937

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in XpeedStudio Bajaar - Highly Customizable WooCommerce WordPress Theme bajaar allows PHP Local File Inclusion.This issue affects Bajaar - Highly Customizable WooCommerce WordPress...

EUVD-2026-3935

Deserialization of Untrusted Data vulnerability in designthemes OneLife onelife allows Object Injection.This issue affects OneLife: from n/a through = 3.9...

5.4AI score0.00344EPSS

EUVD•added 2026/01/22 4:52 p.m.•6 views

EUVD-2026-3954

Improper Control of Generation of Code 'Code Injection' vulnerability in Shahjahan Jewel FluentForm fluentform allows Code Injection.This issue affects FluentForm: from n/a through = 6.1.11...

5.4AI score0.00233EPSS

EUVD-2026-3978

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in temash Barberry barberry allows PHP Local File Inclusion.This issue affects Barberry: from n/a through = 2.9.9.87...

5.5AI score0.00433EPSS

EUVD-2026-3962

Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogzee blogzee allows Using Malicious Files.This issue affects Blogzee: from n/a through = 1.0.5...

5.4AI score0.00465EPSS

EUVD-2026-3969

Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogistic blogistic allows Using Malicious Files.This issue affects Blogistic: from n/a through = 1.0.5...

5.4AI score0.00465EPSS

EUVD-2026-3973

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kriesi Enfold enfold allows DOM-Based XSS.This issue affects Enfold: from n/a through = 7.1.3...

5.4AI score0.00198EPSS

EUVD•added 2026/01/22 4:52 p.m.•2 views

EUVD-2026-4010

Incorrect Privilege Assignment vulnerability in LazyCoders LLC LazyTasks lazytasks-project-task-management allows Privilege Escalation.This issue affects LazyTasks: from n/a through = 1.4.01...

5.4AI score0.00423EPSS

EUVD•added 2026/01/22 4:52 p.m.•2 views

EUVD-2026-4006

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Remi Corson Easy Theme Options easy-theme-options allows Reflected XSS.This issue affects Easy Theme Options: from n/a through = 1.0...

5.4AI score0.00175EPSS

EUVD-2026-4000

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Craft craftcoffee allows DOM-Based XSS.This issue affects Craft: from n/a through = 2.3.6...

5.4AI score0.00222EPSS

EUVD-2026-3997

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Hoteller hoteller allows Reflected XSS.This issue affects Hoteller: from n/a through 6.8.9...

5.4AI score0.00222EPSS

EUVD-2026-3992

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeGoods Photography photography allows PHP Local File Inclusion.This issue affects Photography: from n/a through 7.7.5...

EUVD•added 2026/01/22 4:52 p.m.•2 views

EUVD-2026-3983

Missing Authorization vulnerability in Ninja Team GDPR CCPA Compliance Support ninja-gdpr-compliance allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GDPR CCPA Compliance Support: from n/a through = 2.7.4...

5.4AI score0.00269EPSS