Lucene search
K

370 matches found

NVD
NVD
added 13 hours ago5 views

CVE-2026-57792

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Dør dor allows PHP Local File Inclusion.This issue affects Dør: from n/a through = 2.4.1...

7.5CVSS
Exploits0References1
Cvelist
Cvelist
added 14 hours ago7 views

CVE-2026-57795 WordPress Kitchor theme <= 1.4.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themelexus Kitchor kitchor allows PHP Local File Inclusion.This issue affects Kitchor: from n/a through = 1.4.3...

7.5CVSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/02 1:48 p.m.41 views

CVE-2025-58707 WordPress Spin theme <= 1.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Spin allows PHP Local File Inclusion. This issue affects Spin: from n/a through 1.8...

8.1CVSS0.00337EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 1:48 p.m.20 views

CVE-2025-58707

The CVE-2025-58707 issue is a Local File Inclusion vulnerability in the WordPress Spin theme (Spin) versions up to 1.8. It arises from improper handling of filenames for include/require statements in a PHP program, enabling PHP LFI. Affected product: Axiomthemes Spin (WordPress Spin theme

8.1CVSS5.8AI score0.00337EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/22 9:31 a.m.8 views

EUVD-2026-24688

The Breaking News WP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3. This is due to the brnwpajaxform AJAX endpoint lacking both authorization checks and CSRF verification, combined with insufficient path validation when the brnwptheme option...

6.5CVSS5.8AI score0.00814EPSS
Exploits0References8
GithubExploit
GithubExploit
added 2026/04/10 1:46 p.m.199 views

Exploit for Code Injection in Backupbliss Backup_Migration

🔥 CVE-2023-6553 — WordPress Backup Migration RCE Unauthen...

9.8CVSS7.8AI score0.97846EPSS
Exploits14
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.4 views

PT-2026-31913

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Case Themes Case Theme User allows PHP Local File Inclusion.This issue affects Case Theme User: from n/a before 1.0.4...

7.5CVSS5.8AI score0.00392EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/08 8:30 a.m.2 views

CVE-2026-39681 WordPress Homeo theme <= 1.2.59 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ApusTheme Homeo homeo allows PHP Local File Inclusion.This issue affects Homeo: from n/a through = 1.2.59...

7.5CVSS5.8AI score0.00381EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 5:1 p.m.5 views

CVE-2026-22513

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Triompher triompher allows PHP Local File Inclusion.This issue affects Triompher: from n/a through = 1.1.0...

8.1CVSS5.8AI score0.00519EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 5:1 p.m.3 views

CVE-2026-22516

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Wizor's wizors-investments allows PHP Local File Inclusion.This issue affects Wizor's: from n/a through = 2.12...

8.1CVSS5.8AI score0.00415EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:15 p.m.15 views

CVE-2026-32531

CVE-2026-32531: Kunco WordPress Theme (

8.1CVSS5.8AI score0.00327EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.16 views

CVE-2026-27078

CVE-2026-27078 corresponds to an LFI in Mikado-Themes Emaurri (WordPress) due to improper control of filenames in PHP include/require. Affected software: Emaurri versions up to and including 1.0.1. Impact as described in sources is PHP Local File Inclusion, with attackers potentially disclosing o...

8.1CVSS5.8AI score0.00512EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.10 views

CVE-2026-27075

CVE-2026-27075 concerns an Improper Control of Filename for Include/Require Statement (PHP Local File Inclusion) in Mikado-Themes Belfort (WordPress theme Belfort). The vulnerability allows Local File Inclusion due to inadequate validation of filenames used in PHP include/require, affecting Belfo...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.31 views

CVE-2026-27048 WordPress The Aisle Core plugin <= 2.0.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes The Aisle Core theaisle-core allows PHP Local File Inclusion.This issue affects The Aisle Core: from n/a through = 2.0.5...

8.1CVSS0.00403EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.11 views

CVE-2026-22516

CVE-2026-22516 is a Local File Inclusion vulnerability affecting WordPress plugin/theme Wizor's Wizor's Investments, specifically versions up to and including 2.12. The issue is described as an improper control of filename for Include/Require statements in PHP, enabling PHP Local File Inclusion (...

8.1CVSS5.8AI score0.00415EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.26 views

CVE-2026-22509 WordPress Gioia theme <= 1.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Gioia gioia allows PHP Local File Inclusion.This issue affects Gioia: from n/a through = 1.4...

8.1CVSS0.00504EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.27 views

CVE-2026-22499 WordPress Lella theme <= 1.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Lella lella allows PHP Local File Inclusion.This issue affects Lella: from n/a through = 1.2...

8.1CVSS0.00504EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.26 views

CVE-2026-22502 WordPress Mr. Cobbler theme <= 1.1.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Mr. Cobbler mr-cobbler allows PHP Local File Inclusion.This issue affects Mr. Cobbler: from n/a through = 1.1.9...

8.1CVSS0.00504EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.27 views

CVE-2026-22498 WordPress Laurent theme <= 3.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Laurent laurent allows PHP Local File Inclusion.This issue affects Laurent: from n/a through = 3.1...

8.1CVSS0.00504EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.34 views

CVE-2026-22494 WordPress Good Homes theme <= 1.3.13 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Good Homes good-homes allows PHP Local File Inclusion.This issue affects Good Homes: from n/a through = 1.3.13...

8.1CVSS0.00504EPSS
Exploits0References1
Rows per page
Query Builder