1142 matches found
The vulnerability of the Post Grid, Slider & Carousel Ultimate plugin of the WordPress content management system arises from improper handling of file names for PHP functions like include or require. This allows attackers to gain unauthorized access to protected information.
The vulnerability of the Post Grid, Slider & Carousel plugin in the WordPress content management system is related to improper handling of file names for PHP functions like include or require. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to...
CVE-2025-24782
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wpWax Post Grid, Slider & Carousel Ultimate allows PHP Local File Inclusion. This issue affects Post Grid, Slider & Carousel Ultimate: from n/a through 1.6.10...
PT-2025-5226 · Unknown · Mihajlovic Nenad Improved Sale Badges
Name of the Vulnerable Software and Affected Versions: Mihajlovic Nenad Improved Sale Badges – Free Version versions 1.0.1 and earlier Description: The issue is related to improper control of filename for include/require statement in PHP program, also known as PHP Remote File Inclusion, which...
PT-2025-5225 · Unknown · Webarea Background Animation Blocks
Name of the Vulnerable Software and Affected Versions: WebArea Background animation blocks versions 2.1.5 and earlier Description: The issue is related to improper control of filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local...
CVE-2024-49649
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Abdul Hakeem Build App Online allows PHP Local File Inclusion.This issue affects Build App Online: from n/a through 1.0.23...
WordPress plugin Ach Invoice App 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-9184 · Abb · Abb Aspect +2
Name of the Vulnerable Software and Affected Versions: ABB ASPECT - Enterprise version 3.08.02 NEXUS Series version 3.08.02 MATRIX Series version 3.08.02 Description: The issue is related to Local File Inclusion vulnerabilities, which allow access to sensitive system information. This is due to...
CVE-2024-53739
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Cool Plugins Cryptocurrency Widgets For Elementor allows PHP Local File Inclusion.This issue affects Cryptocurrency Widgets For Elementor: from n/a through 1.6.4...
PT-2024-35338 · Shopready · Shopready
Name of the Vulnerable Software and Affected Versions: Shopready versions n/a through 3.5 Description: The issue affects the Shopready PHP application, allowing for PHP Local File Inclusion due to improper control of filename for include/require statement. This is related to a 'PHP Remote File...
WordPress plugin Pricing table addon for elementor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-52428
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Scripteo Ads Booster by Ads Pro allows PHP Local File Inclusion.This issue affects Ads Booster by Ads Pro: from n/a through 1.12...
CVE-2024-50436
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Theme Horse Clean Retina.This issue affects Clean Retina: from n/a through 3.0.6...
CVE-2024-50457
: Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.6.3...
CVE-2024-50436
CVE-2024-50436 is a Local File Inclusion vulnerability in the WordPress Theme Clean Retina (Theme Horse)
PT-2024-34210
Name of the Vulnerable Software and Affected Versions: Theme Horse Meta News versions 1.1.7 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion'. This is a type of vulnerability whe...
WordPress plugin Mags 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-33381 · Elementor · Dynamic Elementor Addons
Name of the Vulnerable Software and Affected Versions: Dynamic Elementor Addons versions 1.0.0 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP...
PT-2025-2805 · Flxeon · Flxeon
Name of the Vulnerable Software and Affected Versions: FLXEON versions 9.3.4 and older Description: Network access can be used to execute arbitrary code with elevated privileges. This issue is related to incorrect handling of file names for PHP functions include or require, which may allow a remo...
Optigo Networks ONS-S8 - Spectra Aggregation Switch
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Optigo Networks Equipment: ONS-S8 - Spectra Aggregation Switch Vulnerabilities: Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion', Weak...
CVE-2024-35650
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Melapress MelaPress Login Security melapress-login-security.This issue affects MelaPress Login Security: from n/a through = 1.3.0...