CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/03/05 5:53 a.m.•2 views

CVE-2026-22421 WordPress Quantum theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Quantum quantum allows PHP Local File Inclusion.This issue affects Quantum: from n/a through = 1.0...

CVE•added 2026/03/05 5:53 a.m.•6 views

CVE-2026-22410

CVE-2026-22410 concerns Mikado-Themes Dolcino (WordPress Dolcino theme) with a Local File Inclusion due to Improper Control of Filename for Include/Require Statement. Affected: Dolcino versions through 1.6. Root cause: PHP Include/Require filename handling allows LFI. Impact: high severity potent...

8.1CVSS5.9AI score0.00172EPSS

Cvelist•added 2026/03/05 5:53 a.m.•38 views

CVE-2026-22399 WordPress Holmes theme <= 1.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Holmes holmes allows PHP Local File Inclusion.This issue affects Holmes: from n/a through = 1.7...

8.1CVSS0.00172EPSS

Vulnrichment•added 2026/03/05 5:53 a.m.•2 views

CVE-2026-22397 WordPress Fleur theme <= 2.2.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Fleur fleur allows PHP Local File Inclusion.This issue affects Fleur: from n/a through = 2.2.1...

8.1CVSS5.8AI score0.00172EPSS

CVE•added 2026/03/05 5:53 a.m.•7 views

CVE-2026-22389

CVE-2026-22389 describes an unauthorized Local File Inclusion (LFI) vulnerability in the WordPress theme Mikado-Themes Cocco cocco (versions up to and including 1.5.1). The issue arises from improper control of filenames used in PHP include/require statements, effectively enabling an attacker to ...

8.1CVSS5.8AI score0.00172EPSS

Cvelist•added 2026/03/05 5:53 a.m.•30 views

CVE-2026-22389 WordPress Cocco theme <= 2.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Cocco cocco allows PHP Local File Inclusion.This issue affects Cocco: from n/a through = 2.0...

8.1CVSS0.00172EPSS

CVE•added 2026/03/05 5:53 a.m.•7 views

CVE-2026-22385

CVE-2026-22385 is a Local File Inclusion (LFI) flaw in the WordPress Wolmart theme. Data from multiple sources confirms an Improper Control of Filename for Include/Require Statement in PHP, enabling LFI via Wolmart

8.1CVSS5.9AI score0.00172EPSS

Positive Technologies•added 2026/03/05 12:0 a.m.•3 views

PT-2026-23210

Name of the Vulnerable Software and Affected Versions Elated-Themes FindAll versions through 1.4 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Local File Inclusio...

Positive Technologies•added 2026/03/05 12:0 a.m.•2 views

PT-2026-23176

Name of the Vulnerable Software and Affected Versions AncoraThemes Tooth Fairy versions through 1.16 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Local File...

Positive Technologies•added 2026/03/05 12:0 a.m.•3 views

PT-2026-23381

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Muzicon muzicon allows PHP Local File Inclusion.This issue affects Muzicon: from n/a through = 1.9.0...

Positive Technologies•added 2026/03/05 12:0 a.m.•3 views

PT-2026-23400

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Verse verse allows PHP Local File Inclusion.This issue affects Verse: from n/a through = 1.7.0...

Positive Technologies•added 2026/03/05 12:0 a.m.•1 views

PT-2026-23331

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Yacht Rental yacht-rental allows PHP Local File Inclusion.This issue affects Yacht Rental: from n/a through = 2.6...

Positive Technologies•added 2026/03/05 12:0 a.m.•4 views

PT-2026-23145

Name of the Vulnerable Software and Affected Versions don-themes Molla versions through 1.5.16 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local fil...

Positive Technologies•added 2026/03/05 12:0 a.m.•3 views

PT-2026-23156

Name of the Vulnerable Software and Affected Versions Mikado-Themes Fleur versions through 2.0 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Local File Inclusion...

Positive Technologies•added 2026/03/05 12:0 a.m.•3 views

PT-2026-23389

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes smart SEO smartSEO allows PHP Local File Inclusion.This issue affects smart SEO: from n/a through = 2.9...

Positive Technologies•added 2026/03/05 12:0 a.m.•5 views

PT-2026-23228

Name of the Vulnerable Software and Affected Versions Alchemists versions through 4.6.0 Description The software contains a flaw due to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local files...

Positive Technologies•added 2026/03/05 12:0 a.m.•4 views

PT-2026-23182

Name of the Vulnerable Software and Affected Versions AncoraThemes ElectroServ versions through 1.3.2 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Local File...

Positive Technologies•added 2026/03/05 12:0 a.m.•9 views

PT-2026-23321

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wpDataTables wpDataTables wpdatatables allows PHP Local File Inclusion.This issue affects wpDataTables: from n/a through = 6.5.0.1...

5.9AI score0.00143EPSS

Positive Technologies•added 2026/03/05 12:0 a.m.•9 views

PT-2026-23180

Name of the Vulnerable Software and Affected Versions AncoraThemes CloudMe versions through 1.2.2 Description The software contains an Improper Control of Filename for Include/Require Statement issue, also known as a PHP Local File Inclusion. This allows for the inclusion of local files within th...