PT-2026-45741

Name of the Vulnerable Software and Affected Versions Fermentio versions prior to 1.5.1 Description Improper Control of Filename for Include/Require Statement in PHP Program allows Local File Inclusion. This occurs when the application fails to properly validate the filename used in PHP include o...

CVE-2026-39679 WordPress Freeio theme <= 1.3.21 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ApusTheme Freeio freeio allows PHP Local File Inclusion.This issue affects Freeio: from n/a through = 1.3.21...

CVE-2026-25379

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jwsthemes StreamVid streamvid allows PHP Local File Inclusion.This issue affects StreamVid: from n/a through 6.8.6...

CVE-2026-32500 WordPress MetaMax theme <= 1.1.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativeWS MetaMax metamax allows PHP Local File Inclusion.This issue affects MetaMax: from n/a through = 1.1.4...

PT-2026-25239

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Creatives Planet Greenly Theme Addons greenly-addons allows PHP Local File Inclusion.This issue affects Greenly Theme Addons: from n/a through 8.2...

CVE-2026-22416

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes FixTeam fixteam allows PHP Local File Inclusion.This issue affects FixTeam: from n/a through = 1.5.0...

CVE-2026-28043

CVE-2026-28043 : WordPress vulnerability in ThemeREX Healer (Doctor, Clinic & Medical WordPress Theme)

CVE-2026-28006

CVE-2026-28006 is a Local File Inclusion vulnerability affecting the WordPress ThemeREX Yungen theme (versions

CVE-2025-69400

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Yokoo yokoo allows PHP Local File Inclusion.This issue affects Yokoo: from n/a through = 1.1.11...

CVE-2026-22377

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Saveo saveo allows PHP Local File Inclusion.This issue affects Saveo: from n/a through = 1.1.2...

CVE-2026-27343

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in VanKarWai Airtifact airtifact allows PHP Local File Inclusion.This issue affects Airtifact: from n/a through = 1.2.91...

PT-2026-1909

Name of the Vulnerable Software and Affected Versions Mikado-Themes Wellspring versions prior to 2.8 Description The software contains an Improper Control of Filename for Include/Require Statement issue, also known as a PHP Local File Inclusion. This allows for the inclusion of local files. The...

CVE-2025-69080

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in JanStudio Gecko gecko allows PHP Local File Inclusion.This issue affects Gecko: from n/a through = 1.9.8...

CVE-2025-53435 WordPress Plan My Day theme <= 1.1.13 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Plan My Day planmyday allows PHP Local File Inclusion.This issue affects Plan My Day: from n/a through = 1.1.13...

CVE-2025-59550 WordPress Xcare theme < 6.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in designervily Xcare xcare allows PHP Local File Inclusion.This issue affects Xcare: from n/a through 6.5...

CVE-2025-60150 WordPress Subscribe to Download plugin <= 2.0.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wpshuffle Subscribe to Download subscribe-to-download allows PHP Local File Inclusion.This issue affects Subscribe to Download: from n/a through = 2.0.9...

WordPress plugin Subscribe To Unlock Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...

PT-2025-39593

Name of the Vulnerable Software and Affected Versions wpshuffle Subscribe to Download versions through 2.0.9 Description The software contains an Improper Control of Filename for Include/Require Statement issue, also known as a PHP Remote File Inclusion. This allows for PHP Local File Inclusion...

CVE-2025-54750

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Aman Funnel Builder by FunnelKit funnel-builder allows PHP Local File Inclusion.This issue affects Funnel Builder by FunnelKit: from n/a through = 3.11.1...

CVE-2025-54028 WordPress CF7 WOW Styler Plugin <= 1.7.2 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Saleswonder Team Tobias CF7 WOW Styler allows PHP Local File Inclusion. This issue affects CF7 WOW Styler: from n/a through 1.7.2...