417 matches found
CVE-2026-25382 WordPress IdealAuto theme < 3.8.6 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jwsthemes IdealAuto idealauto allows PHP Local File Inclusion.This issue affects IdealAuto: from n/a through 3.8.6...
CVE-2026-22512 WordPress Roisin theme <= 1.2.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Roisin roisin allows PHP Local File Inclusion.This issue affects Roisin: from n/a through = 1.2.1...
CVE-2026-22514
CVE-2026-22514 concerns a Local File Inclusion in WordPress Theme Unica (and related RH/EUVD/NVD entries) due to improper control of filenames for PHP include/require. Affected software: AncoraThemes Unica? documentation refers to Unica WordPress theme (
CVE-2026-22508
CVE-2026-22508 refers to a Local File Inclusion vulnerability in the WordPress theme “Dentalux” by AncoraThemes, due to improper control of filenames for include/require in PHP. Affected software: Dentalux versions n/a through 3.3 (inclusive). Sources indicate the issue is publicly disclosed, wit...
CVE-2026-22511 WordPress NeoBeat theme <= 1.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes NeoBeat neobeat allows PHP Local File Inclusion.This issue affects NeoBeat: from n/a through = 1.2...
CVE-2026-22499
CVE-2026-22499 concerns the WordPress Lella theme. Affected software: Lella versions n/a through 1.2. Root cause: Improper control of filenames used by Include/Require in PHP, enabling Local File Inclusion. Impact per sources: potential PHP Local File Inclusion with high severity (CVSS 3.1 base 8...
CVE-2026-22503
CVE-2026-22503 relates to the WordPress Theme Nelson by ThemeREX, where an improper filename validation in PHP include/require statements leads to a PHP Local File Inclusion (LFI) vulnerability. Affected product: Nelson versions from unspecified until <= 1.2.0. The NVD/Red Hat/patch sources de...
CVE-2026-22495 WordPress Greenville theme <= 1.3.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Greenville greenville allows PHP Local File Inclusion.This issue affects Greenville: from n/a through = 1.3.2...
CVE-2026-22493
CVE-2026-22493 describes a Local File Inclusion in WordPress Gaspard theme (<= 1.3) due to improper filename handling for PHP Include/Require. Impact may allow an attacker to disclose or manipulate local files via a PHP inclusion vector. The Red Hat and NVD records confirm the same vulnerabili...
CVE-2026-22493 WordPress Gaspard theme <= 1.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Gaspard gaspard allows PHP Local File Inclusion.This issue affects Gaspard: from n/a through = 1.3...
PT-2026-27932
Name of the Vulnerable Software and Affected Versions jwsthemes IdealAuto versions prior to 3.8.6 Description A flaw exists in the handling of filenames used in include/require statements within the PHP program, specifically in jwsthemes IdealAuto. This allows for PHP Local File Inclusion. The...
PT-2026-27979
Name of the Vulnerable Software and Affected Versions Mikado-Themes Deston versions n/a through 1.0 Description A flaw exists in the handling of filenames for include/require statements within a PHP program, specifically a PHP Remote File Inclusion issue in Mikado-Themes Deston. This allows for P...
PT-2026-27819
Name of the Vulnerable Software and Affected Versions AncoraThemes Hypnotherapy versions through 1.2.10 Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Loc...
PT-2026-28018
Name of the Vulnerable Software and Affected Versions CreativeWS VintWood versions n/a through 1.1.8 Description The software contains a flaw due to improper control of filename handling for Include/Require statements in the PHP program, leading to a PHP Local File Inclusion issue. The affected...
PT-2026-27829
Name of the Vulnerable Software and Affected Versions AncoraThemes Dentalux versions n/a through 3.3 Description The software contains an improper control of filename handling for include/require statements, leading to a PHP Local File Inclusion issue. This allows an attacker to potentially inclu...
CVE-2026-22324
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Melania allows PHP Local File Inclusion.This issue affects Melania: from n/a through 2.5.0...
EUVD-2026-11889
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magepeopleteam WpBookingly service-booking-manager allows PHP Local File Inclusion.This issue affects WpBookingly: from n/a through = 1.2.9...
CVE-2026-32426
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themelexus Medilazar Core medilazar-core allows PHP Local File Inclusion.This issue affects Medilazar Core: from n/a through 1.4.7...
CVE-2026-32426
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themelexus Medilazar Core medilazar-core allows PHP Local File Inclusion.This issue affects Medilazar Core: from n/a through 1.4.7...
CVE-2026-32400
The CVE-2026-32400 entry concerns the WordPress Boldman theme by ThemetechMount, specifically versions