CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1142 matches found

Vulnrichment•added 2026/03/05 5:54 a.m.•5 views

CVE-2026-27994 WordPress Tediss theme <= 1.2.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Tediss tediss allows PHP Local File Inclusion.This issue affects Tediss: from n/a through = 1.2.4...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:54 a.m.•6 views

CVE-2026-27996 WordPress Lingvico theme <= 1.0.14 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Lingvico lingvico allows PHP Local File Inclusion.This issue affects Lingvico: from n/a through = 1.0.14...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:54 a.m.•1 views

CVE-2026-27990 WordPress ConFix theme <= 1.013 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX ConFix confix allows PHP Local File Inclusion.This issue affects ConFix: from n/a through = 1.013...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

ATTACKERKB•added 2026/03/05 5:54 a.m.•5 views

CVE-2026-27989

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Quanzo quanzo allows PHP Local File Inclusion.This issue affects Quanzo: from n/a through = 1.0.10...

5.9AI score0.00172EPSS

Exploits0References2

ATTACKERKB•added 2026/03/05 5:54 a.m.•3 views

CVE-2026-27990

5.9AI score0.00172EPSS

Exploits0References2

CVE•added 2026/03/05 5:54 a.m.•8 views

CVE-2026-27990

CVE-2026-27990 is an Unauthenticated Local File Inclusion in the WordPress Theme ConFix (ThemeREX ConFix confix) <= 1.013, caused by Improper control of filename for PHP include/require statements. Public sources describe it as a PHP Remote File Inclusion vulnerability that effectively allows ...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:54 a.m.•25 views

CVE-2026-27988 WordPress Equadio theme <= 1.1.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Equadio equadio allows PHP Local File Inclusion.This issue affects Equadio: from n/a through = 1.1.3...

8.1CVSS0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:54 a.m.•1 views

CVE-2026-27987 WordPress The Qlean theme <= 2.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX The Qlean the-qlean allows PHP Local File Inclusion.This issue affects The Qlean: from n/a through = 2.12...

5.8AI score0.00172EPSS

Exploits0References1

ATTACKERKB•added 2026/03/05 5:54 a.m.•3 views

CVE-2026-27988

5.9AI score0.00172EPSS

Exploits0References2

ATTACKERKB•added 2026/03/05 5:53 a.m.•1 views

CVE-2026-27342

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes TopFit - Fitness and Gym WordPress Theme topfit allows PHP Local File Inclusion.This issue affects TopFit - Fitness and Gym WordPress Theme: from n/a through = 1.9...

5.9AI score0.00172EPSS

Exploits0References2

Cvelist•added 2026/03/05 5:53 a.m.•25 views

CVE-2026-27339 WordPress Buzz Stone | Magazine & Viral Blog WordPress Theme theme <= 1.0.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Buzz Stone | Magazine & Viral Blog WordPress Theme buzzstone allows PHP Local File Inclusion.This issue affects Buzz Stone | Magazine & Viral Blog WordPress Theme:...

8.1CVSS0.00172EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•8 views

CVE-2026-27097

CVE-2026-27097 affects AncoraThemes CasaMia WordPress Theme (≤1.1.2). The vulnerability is a PHP Local File Inclusion caused by improper control of filenames in include/require. Impact: potential disclosure of local files; CVSS 3.1Base 8.1 (High). Patch status in reports: Unpatched; remediation g...

8.1CVSS5.9AI score0.00056EPSS

Exploits1References1

ATTACKERKB•added 2026/03/05 5:53 a.m.•5 views

CVE-2026-27326

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme window-ac-services allows PHP Local File Inclusion.This issue affects AC Services | HVAC, Air...

5.9AI score0.00172EPSS

Exploits0References2

CVE•added 2026/03/05 5:53 a.m.•6 views

CVE-2026-27326

CVE-2026-27326 affects the AC Services | HVAC WordPress theme (window-ac-services), with Improper Handling of Include/Require in PHP leading to Local File Inclusion. Public reports (Wordfence) indicate the issue exists for theme versions up to 1.2.5 and is currently Unpatched. Affected component ...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•0 views

CVE-2026-22456 WordPress Askka theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Askka askka allows PHP Local File Inclusion.This issue affects Askka: from n/a through = 1.0...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•1 views

CVE-2026-22446 WordPress Prowess theme <= 1.8.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Prowess prowess allows PHP Local File Inclusion.This issue affects Prowess: from n/a through = 1.8.1...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•25 views

CVE-2026-22439 WordPress Green Planet theme <= 1.1.14 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Green Planet green-planet allows PHP Local File Inclusion.This issue affects Green Planet: from n/a through = 1.1.14...

8.1CVSS0.00172EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•6 views

CVE-2026-22442

CVE-2026-22442 is a Local File Inclusion vulnerability in the WordPress Tribe theme (LaunchandSell Tribe) affecting versions up to 1.7.3. The issue is caused by improper handling of filename resolution in include/require statements, enabling an attacker to potentially include local files via PHP....

8.1CVSS5.9AI score0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•24 views

CVE-2026-22437 WordPress Playa theme <= 1.3.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Playa playa allows PHP Local File Inclusion.This issue affects Playa: from n/a through = 1.3.9...

8.1CVSS0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•25 views

CVE-2026-22431 WordPress Wabi-Sabi theme <= 1.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Wabi-Sabi wabi-sabi allows PHP Local File Inclusion.This issue affects Wabi-Sabi: from n/a through = 1.2...

8.1CVSS0.00172EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by