CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

253 matches found

CVE•added 2025/08/28 12:37 p.m.•11 views

CVE-2025-53216

CVE-2025-53216 affects ThemeUniver Glamer (WordPress theme)

8.1CVSS5.9AI score0.00158EPSS

Exploits0References1

Vulnrichment•added 2025/08/28 12:37 p.m.•2 views

CVE-2025-49383 WordPress Neresa Theme <= 1.3 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CocoBasic Neresa allows PHP Local File Inclusion. This issue affects Neresa: from n/a through 1.3...

8.1CVSS7.4AI score0.00158EPSS

Exploits0References1

Positive Technologies•added 2025/08/28 12:0 a.m.•2 views

PT-2025-35058

Name of the Vulnerable Software and Affected Versions: TieLabs Jannah versions through 7.4.1 Description: The software contains an Improper Control of Filename for Include/Require Statement, leading to a PHP Local File Inclusion issue. Recommendations: Update Jannah to a version later than 7.4.1...

8.1CVSS6.4AI score0.00158EPSS

Exploits0References4

RedhatCVE•added 2025/08/22 8:30 a.m.•2 views

CVE-2025-53198

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in favethemes Houzez houzez allows PHP Local File Inclusion.This issue affects Houzez: from n/a through = 4.0.4...

8.1CVSS5.9AI score0.00158EPSS

Exploits0References1

RedhatCVE•added 2025/08/22 8:30 a.m.•1 views

CVE-2025-53207

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Travel WP Travel Gutenberg Blocks wp-travel-blocks allows PHP Local File Inclusion.This issue affects WP Travel Gutenberg Blocks: from n/a through = 3.9.0...

8.1CVSS5.9AI score0.00158EPSS

Exploits0References1

NVD•added 2025/08/20 8:15 a.m.•1 views

CVE-2025-53210

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in bdthemes ZoloBlocks zoloblocks allows PHP Local File Inclusion.This issue affects ZoloBlocks: from n/a through = 2.3.2...

7.5CVSS0.00157EPSS

Exploits0References1

Cvelist•added 2025/08/20 8:3 a.m.•7 views

CVE-2025-48298 WordPress SEOPress for MainWP <= 1.4 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Benjamin Denis SEOPress for MainWP seopress-for-mainwp allows PHP Local File Inclusion.This issue affects SEOPress for MainWP: from n/a through = 1.4...

7.5CVSS0.00144EPSS

Exploits0References1

CVE•added 2025/08/20 8:3 a.m.•13 views

CVE-2025-53567

CVE-2025-53567 describes an unauthenticated Local File Inclusion in WordPress Ghost Kit (PHP) due to improper filename handling in Include/Require statements, affecting Ghost Kit versions up to 3.4.1. Reported CVSS v3.1 base score 8.1 (HIGH) with NETWORK attack vector, HIGH impact on confidential...

8.1CVSS5.9AI score0.00158EPSS

Exploits0References1

Vulnrichment•added 2025/08/20 8:2 a.m.•2 views

CVE-2025-54034 WordPress Newsletters <= 4.10 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Tribulant Software Newsletters allows PHP Local File Inclusion. This issue affects Newsletters: from n/a through 4.10...

7.5CVSS7.4AI score0.00144EPSS

Exploits0References1

Positive Technologies•added 2025/08/20 12:0 a.m.•2 views

PT-2025-33931 · Roxnor · Roxnor Fundengine

Name of the Vulnerable Software and Affected Versions: Roxnor FundEngine versions through 1.7.4 Description: The software contains an Improper Control of Filename for Include/Require Statement, also known as a PHP Remote File Inclusion issue. This allows for PHP Local File Inclusion...

7.5CVSS6.5AI score0.00157EPSS

Exploits0References3

CNNVD•added 2025/08/20 12:0 a.m.•1 views

WordPress plugin ZoloBlocks 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.5CVSS6.8AI score0.00157EPSS

Exploits0References2

Positive Technologies•added 2025/08/20 12:0 a.m.•2 views

PT-2025-33974 · WordPress · Zoloblocks

Name of the Vulnerable Software and Affected Versions: bdthemes ZoloBlocks versions through 2.3.2 Description: An improper control of filename for include/require statement exists in bdthemes ZoloBlocks, allowing for PHP Local File Inclusion. This issue is related to a PHP Remote File Inclusion...

7.5CVSS6.5AI score0.00157EPSS

Exploits0References3

RedhatCVE•added 2025/08/16 11:25 a.m.•2 views

CVE-2025-25172

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in beeteam368 VidMov vidmov allows PHP Local File Inclusion.This issue affects VidMov: from n/a through = 1.9.4...

8.1CVSS5.9AI score0.00158EPSS

Exploits0References1

RedhatCVE•added 2025/08/16 11:25 a.m.•2 views

CVE-2025-48293

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Dylan Kuhn Geo Mashup geo-mashup allows PHP Local File Inclusion.This issue affects Geo Mashup: from n/a through = 1.13.16...

9.8CVSS5.9AI score0.0021EPSS

Exploits0References1

Vulnrichment•added 2025/08/14 10:34 a.m.•1 views

CVE-2025-54690 WordPress Xinterio Theme <= 4.2 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themeStek Xinterio allows PHP Local File Inclusion. This issue affects Xinterio: from n/a through 4.2...

8.1CVSS7.4AI score0.00158EPSS

Exploits0References1

Vulnrichment•added 2025/08/14 10:34 a.m.•2 views

CVE-2025-54689 WordPress Urna Theme <= 2.5.7 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Urna urna allows PHP Local File Inclusion.This issue affects Urna: from n/a through = 2.5.7...

8.1CVSS4.7AI score0.00158EPSS

Exploits0References1

CVE•added 2025/08/14 10:34 a.m.•14 views

CVE-2025-30635

CVE-2025-30635 affects IDonatePro (WordPress plugin) <= 2.1.9 and is described as an improper control of the filename for include/require statements, enabling PHP Local File Inclusion. Public sources in the connected documents corroborate the vulnerability as a Local File Inclusion issue and n...

8.1CVSS5.9AI score0.00158EPSS

Exploits0References1

Vulnrichment•added 2025/08/14 10:34 a.m.•2 views

CVE-2025-49264 WordPress Cloud SAML SSO - Single Sign On Login <= 1.0.18 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Cloud Infrastructure Services Cloud SAML SSO - Single Sign On Login cloud-sso-single-sign-on allows PHP Local File Inclusion.This issue affects Cloud SAML SSO - Single Sign On...

7.5CVSS5.3AI score0.00144EPSS

Exploits0References1

Vulnrichment•added 2025/08/14 10:34 a.m.•1 views

CVE-2025-52728 WordPress Responsive Posts Carousel WordPress Plugin Plugin <= 15.0 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebCodingPlace Responsive Posts Carousel WordPress Plugin allows PHP Local File Inclusion. This issue affects Responsive Posts Carousel WordPress Plugin: from n/a through 15.0...

7.5CVSS7.3AI score0.00144EPSS

Exploits0References1

Positive Technologies•added 2025/08/14 12:0 a.m.•3 views

PT-2025-33241 · Thembay · Urna

Name of the Vulnerable Software and Affected Versions: thembay Urna versions through 2.5.7 Description: The software contains an Improper Control of Filename for Include/Require Statement, also known as a PHP Remote File Inclusion issue. This allows for PHP Local File Inclusion. Recommendations:...

8.1CVSS6.5AI score0.00158EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by