1142 matches found
CVE-2026-22371 WordPress Gustavo theme <= 1.2.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Gustavo gustavo allows PHP Local File Inclusion.This issue affects Gustavo: from n/a through = 1.2.2...
CVE-2026-22367 WordPress Coworking theme <= 1.6.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Coworking coworking allows PHP Local File Inclusion.This issue affects Coworking: from n/a through = 1.6.1...
CVE-2026-22367
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Coworking coworking allows PHP Local File Inclusion.This issue affects Coworking: from n/a through = 1.6.1...
CVE-2026-22364
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes SevenTrees seventrees allows PHP Local File Inclusion.This issue affects SevenTrees: from n/a through =1.0.2...
CVE-2026-22363 WordPress Rhodos theme <= 1.3.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Rhodos rhodos allows PHP Local File Inclusion.This issue affects Rhodos: from n/a through = 1.3.3...
CVE-2026-22362
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Photolia photolia allows PHP Local File Inclusion.This issue affects Photolia: from n/a through = 1.0.3...
CVE-2025-69406
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX FreightCo freightco allows PHP Local File Inclusion.This issue affects FreightCo: from n/a through = 1.1.7...
CVE-2025-69408 WordPress HealthFirst theme <= 1.0.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes HealthFirst healthfirst allows PHP Local File Inclusion.This issue affects HealthFirst: from n/a through = 1.0.1...
CVE-2025-69408
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes HealthFirst healthfirst allows PHP Local File Inclusion.This issue affects HealthFirst: from n/a through = 1.0.1...
CVE-2025-69407
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Struktur struktur allows PHP Local File Inclusion.This issue affects Struktur: from n/a through = 2.5.1...
CVE-2025-69402
CVE-2025-69402 : Local File Inclusion in the WordPress Theme R&F rf (ThemeREX) via Improper Control of Filename for Include/Require. Affected: ThemeREX R&F rf versions up to and including 1.5. Exploitation context not provided in the sources. Remediation per the connected docs: update ThemeREX R&...
CVE-2025-69399
CVE-2025-69399 describes an Unauthenticated Local File Inclusion in the WordPress Cobble theme (ThemeREX Cobble) up to version 1.7. The issue arises from an improper control of the filename in include/require statements, enabling local file inclusion. Documented impact per sources indicates poten...
CVE-2025-69396 WordPress Splendour theme <= 1.23 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Splendour splendour allows PHP Local File Inclusion.This issue affects Splendour: from n/a through = 1.23...
CVE-2025-69397
CVE-2025-69397 affects the WordPress Tint theme by ThemeREX. It is a PHP Local File Inclusion caused by improper Control of Filename for Include/Require, impacting Tint versions through 1.7. CVSS 3.1 base 8.1 (HIGH). Affected: Tint
CVE-2025-69398
CVE-2025-69398 describes a Local File Inclusion in the WordPress Theme Plank (ThemeREX Plank) up to version 1.7, caused by improper control of the filename used in Include/Require statements. The Red Hat/PatchStack entries corroborate that Plank
CVE-2025-68841
CVE-2025-68841 refers to the TopperPack – Complete Elementor Addons, Theme & CPT Builder plugin (
CVE-2025-67981 WordPress Besa theme <= 2.3.15 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Besa besa allows PHP Local File Inclusion.This issue affects Besa: from n/a through = 2.3.15...
PT-2026-21202
Name of the Vulnerable Software and Affected Versions Jetpack CRM versions through 6.7.0 Description A flaw exists in Automattic Jetpack CRM that allows for PHP Local File Inclusion due to improper control of filename for include/require statements. This issue impacts the software when handling...
PT-2026-21180
Name of the Vulnerable Software and Affected Versions ThemeREX Cobble versions through 1.7 Description A flaw exists in ThemeREX Cobble that allows for PHP Local File Inclusion due to improper control of filename for include/require statements. This issue is related to a 'PHP Remote File Inclusio...
PT-2026-21092
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Zota zota allows PHP Local File Inclusion.This issue affects Zota: from n/a through = 1.3.14...