Lucene search
K

8931 matches found

NVD
NVD
added yesterday7 views

CVE-2026-57799

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in uxper Nuss nuss allows PHP Local File Inclusion.This issue affects Nuss: from n/a through = 1.3.6...

7.5CVSS0.00496EPSS
Exploits0References1
NVD
NVD
added yesterday6 views

CVE-2026-57801

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes SetSail setsail allows PHP Local File Inclusion.This issue affects SetSail: from n/a through = 2.1...

7.5CVSS0.00496EPSS
Exploits0References1
NVD
NVD
added yesterday5 views

CVE-2026-57804

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows PHP Local File Inclusion.This issue affects TheGem Theme Elements for Elementor: from n/a through...

7.5CVSS0.00496EPSS
Exploits0References1
NVD
NVD
added yesterday5 views

CVE-2026-57805

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Tonda tonda allows PHP Local File Inclusion.This issue affects Tonda: from n/a through = 2.5...

7.5CVSS0.00496EPSS
Exploits0References1
NVD
NVD
added yesterday6 views

CVE-2026-57796

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in VLThemes Leedo leedo allows PHP Local File Inclusion.This issue affects Leedo: from n/a through = 3.0.0...

7.5CVSS0.00496EPSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-57743

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows PHP Local File Inclusion.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

8.1CVSS0.00557EPSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-22102

CVE-2026-22102 describes an issue where a POST request to a specific webserver endpoint can write to arbitrary file locations. The filename parameter is taken from the Content-Disposition header without verification, enabling: Denial of service by overwriting system files Potential remote code ex...

9.3CVSS6.3AI score0.00431EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday10 views

CVE-2026-22102 Arbitrary file overwrite through certificate update functionality

A POST request sent to a specific webserver endpoint can be used to write to arbitrary file locations. The endpoint accepts the filename parameter in the Content-Disposition header without verification. This can be used to cause a denial of service by overwriting system files, or...

9.3CVSS0.00431EPSS
Exploits0References1
CVE
CVE
added yesterday13 views

CVE-2026-57795

CVE-2026-57795 affects the WordPress theme Kitchor (Themelexus) up to version

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
CVE
CVE
added yesterday13 views

CVE-2026-57799

CVE-2026-57799 : The NVD entry documents an improper control of a filename for an Include/Require statement in a PHP-based WordPress theme/plugin named “Nuss” (uxper Nuss). This yields a local file inclusion vulnerability in Nuss versions up to 1.3.6. The CVSS 3.1 vector is CVSS:3.1/AV:N/AC:H/PR:...

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
CVE
CVE
added yesterday12 views

CVE-2026-57803

CVE-2026-57803 describes a PHP Local File Inclusion vulnerability in Struktur Core (struktur-core) for WordPress, arising from improper handling of filenames in Include/Require statements. The issue affects Struktur Core versions from n/a up to and including 2.5.1 and enables a potential remote a...

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
CVE
CVE
added yesterday11 views

CVE-2026-57790

CVE-2026-57790 is linked to the WordPress/ThemeMove Billey billey theme with a Local File Inclusion flaw triggered by improper control of filenames in PHP include/require. Affected: Billey versions up to and including 2.1.8 (no public details on fixed versions are provided in the documents). The ...

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
CVE
CVE
added yesterday12 views

CVE-2026-57793

CVE-2026-57793 affects the Flow WordPress theme by Elated-Themes. The issue is an improper filename control in Include/Require statements, resulting in a PHP Local File Inclusion (LFI). Affected versions are Flow:

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
CVE
CVE
added yesterday12 views

CVE-2026-57791

CVE-2026-57791 : Affected software is the WordPress Brook theme, <= 2.9.0. The issue is an improper validation/control of filenames in PHP include/require, enabling an PHP Local File Inclusion via a crafted filename. The NVD entry cites a CVSS v3.1 base score of 7.5 (HIGH) with network attack ...

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday10 views

CVE-2026-57799 WordPress Nuss theme <= 1.3.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in uxper Nuss nuss allows PHP Local File Inclusion.This issue affects Nuss: from n/a through = 1.3.6...

7.5CVSS0.00496EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday10 views

CVE-2026-57790 WordPress Billey theme <= 2.1.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Billey billey allows PHP Local File Inclusion.This issue affects Billey: from n/a through = 2.1.8...

7.5CVSS0.00496EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday12 views

CVE-2026-57793 WordPress Flow theme <= 1.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Flow flow allows PHP Local File Inclusion.This issue affects Flow: from n/a through = 1.8...

7.5CVSS0.00496EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday11 views

CVE-2026-57788 WordPress Aalto theme <= 1.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Aalto aalto allows PHP Local File Inclusion.This issue affects Aalto: from n/a through = 1.8...

7.5CVSS0.00496EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday12 views

CVE-2026-57795 WordPress Kitchor theme <= 1.4.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themelexus Kitchor kitchor allows PHP Local File Inclusion.This issue affects Kitchor: from n/a through = 1.4.3...

7.5CVSS0.00496EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday11 views

CVE-2026-57796 WordPress Leedo theme <= 3.0.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in VLThemes Leedo leedo allows PHP Local File Inclusion.This issue affects Leedo: from n/a through = 3.0.0...

7.5CVSS0.00496EPSS
Exploits0References1
Rows per page
Query Builder