CVE-2026-25464

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from n/a through = 7.6.4...

CVE-2026-22511

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes NeoBeat neobeat allows PHP Local File Inclusion.This issue affects NeoBeat: from n/a through = 1.2...

CVE-2026-32369

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Medilink-Core medilink-core allows PHP Local File Inclusion.This issue affects Medilink-Core: from n/a through 2.0.7...

PT-2026-27824

Name of the Vulnerable Software and Affected Versions ThemeREX Nelson versions n/a through 1.2.0 Description A flaw exists in ThemeREX Nelson due to improper control of filename handling for include/require statements in the PHP program, leading to a PHP Local File Inclusion issue. The...

EUVD-2026-9665

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Justitia justitia allows PHP Local File Inclusion.This issue affects Justitia: from n/a through = 1.1.0...

CVE-2026-28024

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Helion helion allows PHP Local File Inclusion.This issue affects Helion: from n/a through = 1.1.12...

CVE-2026-28015

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX ShiftCV shift-cv allows PHP Local File Inclusion.This issue affects ShiftCV: from n/a through = 3.0.14...

CVE-2026-22476

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Etchy etchy allows PHP Local File Inclusion.This issue affects Etchy: from n/a through = 1.0...

CVE-2026-22435

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes ElectroServ electroserv allows PHP Local File Inclusion.This issue affects ElectroServ: from n/a through = 1.3.2...

CVE-2026-28085 WordPress Mahogany theme <= 2.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Mahogany mahogany allows PHP Local File Inclusion.This issue affects Mahogany: from n/a through = 2.9...

CVE-2026-28085

CVE-2026-28085 is a Local File Inclusion vulnerability in ThemeREX Mahogany theme (Mahogany) for WordPress, affecting versions n/a through 2.9. Cause: Improper control of the filename used in PHP Include/Require, enabling PHP Local File Inclusion. The initial description and Red Hat/Wordfence ref...

CVE-2026-28027

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Kayon kayon allows PHP Local File Inclusion.This issue affects Kayon: from n/a through = 1.3...

CVE-2026-27990

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX ConFix confix allows PHP Local File Inclusion.This issue affects ConFix: from n/a through = 1.013...

PT-2026-23192

Name of the Vulnerable Software and Affected Versions Select-Themes Don Peppe versions through 1.3 Description The software contains an Improper Control of Filename for Include/Require Statement issue, also known as a PHP Remote File Inclusion. This allows for PHP Local File Inclusion...

PT-2026-23397

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Midi midi allows PHP Local File Inclusion.This issue affects Midi: from n/a through = 1.14...

CVE-2025-67938

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Biagiotti biagiotti allows PHP Local File Inclusion.This issue affects Biagiotti: from n/a through 3.5.2...

CVE-2025-49994

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme Athens athens allows PHP Local File Inclusion.This issue affects Athens: from n/a through = 1.1.6...

CVE-2025-60066

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Katelyn katelyn allows PHP Local File Inclusion.This issue affects Katelyn: from n/a through = 1.0.10...

EUVD-2025-204132

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes MaxCube maxcube allows PHP Local File Inclusion.This issue affects MaxCube: from n/a through = 1.3.1...

WordPress plugin Harper 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...