CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8799 matches found

CVE•added 2025/12/18 7:22 a.m.•7 views

CVE-2025-6326

CVE-2025-6326 affects WordPress Inset theme (and related Inset components) up to version 1.18.0, exposing a PHP Local File Inclusion via improper control of the filename for include/require. The vulnerability enables access to local files due to an insecure inclusion mechanism. The provided docum...

8.1CVSS6.7AI score0.0011EPSS

Exploits0References1

Vulnrichment•added 2025/12/18 7:22 a.m.•1 views

CVE-2025-6326 WordPress Inset theme <= 1.18.0 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Inset inset allows PHP Local File Inclusion.This issue affects Inset: from n/a through = 1.18.0...

8.1CVSS6.7AI score0.0011EPSS

Exploits0References1

Cvelist•added 2025/12/18 7:22 a.m.•16 views

CVE-2025-60067 WordPress Giardino theme <= 1.1.10 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Giardino giardino allows PHP Local File Inclusion.This issue affects Giardino: from n/a through = 1.1.10...

8.1CVSS0.0011EPSS

Exploits0References1

CVE•added 2025/12/18 7:22 a.m.•7 views

CVE-2025-60067

CVE-2025-60067 is a local/file inclusion vulnerability in the WordPress Giardino theme (versions <= 1.1.10). The issue is described as Improper Control of Filename for Include/Require Statement in PHP, enabling PHP Local File Inclusion. Affected product/component: WordPress Giardino theme; roo...

8.1CVSS6.7AI score0.0011EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/12/18 7:22 a.m.•21 views

CVE-2025-60066 WordPress Katelyn theme <= 1.0.10 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Katelyn katelyn allows PHP Local File Inclusion.This issue affects Katelyn: from n/a through = 1.0.10...

8.1CVSS0.0011EPSS

Exploits0References1

Cvelist•added 2025/12/18 7:22 a.m.•23 views

CVE-2025-60065 WordPress Pinevale theme <= 1.0.14 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Pinevale pinevale allows PHP Local File Inclusion.This issue affects Pinevale: from n/a through = 1.0.14...

8.1CVSS0.0011EPSS

Exploits0References1

CVE•added 2025/12/18 7:22 a.m.•8 views

CVE-2025-60064

CVE-2025-60064 describes a PHP Local File Inclusion in the WordPress Renewal theme (versions <= 1.2.2) due to improper control of filenames for include/require. The issue affects Renewal; CVSS 3.1 base score 8.1 (HIGH) with network attack vector, no privileges required, user interaction requir...

8.1CVSS6.7AI score0.0011EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/12/18 7:22 a.m.•20 views

CVE-2025-60063 WordPress Rosalinda theme <= 1.2.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Rosalinda rosalinda allows PHP Local File Inclusion.This issue affects Rosalinda: from n/a through = 1.2.3...

8.1CVSS0.0011EPSS

Exploits0References1

EUVD•added 2025/12/18 7:22 a.m.•1 views

EUVD-2025-204122

8.2CVSS6.6AI score0.0011EPSS

Exploits0References2

Cvelist•added 2025/12/18 7:22 a.m.•20 views

CVE-2025-60064 WordPress Renewal theme <= 1.2.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Renewal renewal allows PHP Local File Inclusion.This issue affects Renewal: from n/a through = 1.2.2...

8.1CVSS0.0011EPSS

Exploits0References1

CVE•added 2025/12/18 7:22 a.m.•5 views

CVE-2025-60058

The CVE is linked to WordPress DetailX theme versions up to 1.10.0, with a Local File Inclusion (LFI) risk caused by improper control of filenames in PHP include/require statements. Affected software: DetailX detailx (WordPress plugin/theme) <= 1.10.0. Root cause: improper filename handling en...

8.1CVSS6.7AI score0.0011EPSS

Exploits0References1

Vulnrichment•added 2025/12/18 7:22 a.m.•1 views

CVE-2025-60060 WordPress Pubzinne theme <= 1.0.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Pubzinne pubzinne allows PHP Local File Inclusion.This issue affects Pubzinne: from n/a through = 1.0.12...

8.1CVSS6.7AI score0.0011EPSS

Exploits0References1

CVE•added 2025/12/18 7:22 a.m.•6 views

CVE-2025-60054

CVE-2025-60054 affects the WordPress OnLeash theme (AncoraThemes OnLeash) version <= 1.5.2. The vulnerability is an improper control of the filename used in PHP include/require, enabling PHP Local File Inclusion (LFI). The issue arises from how filenames are handled in the OnLeash code path, a...

8.1CVSS6.7AI score0.0011EPSS

Exploits0References1

EUVD•added 2025/12/18 7:22 a.m.•0 views

EUVD-2025-204132

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes MaxCube maxcube allows PHP Local File Inclusion.This issue affects MaxCube: from n/a through = 1.3.1...

8.2CVSS6.6AI score0.0011EPSS

Exploits0References2

Cvelist•added 2025/12/18 7:22 a.m.•20 views

CVE-2025-60055 WordPress Fabrica theme <= 1.8.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Fabrica fabrica allows PHP Local File Inclusion.This issue affects Fabrica: from n/a through = 1.8.1...

8.1CVSS0.0011EPSS

Exploits0References1

Cvelist•added 2025/12/18 7:22 a.m.•17 views

CVE-2025-60053 WordPress MaxCube theme <= 1.3.1 - Local File Inclusion vulnerability

8.1CVSS0.0011EPSS

Exploits0References1

Cvelist•added 2025/12/18 7:22 a.m.•19 views

CVE-2025-60056 WordPress Winger theme <= 1.0.16 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Winger winger allows PHP Local File Inclusion.This issue affects Winger: from n/a through = 1.0.16...

8.1CVSS0.0011EPSS

Exploits0References1

Cvelist•added 2025/12/18 7:22 a.m.•22 views

CVE-2025-60052 WordPress W&D theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes W&D wd allows PHP Local File Inclusion.This issue affects W&D: from n/a through = 1.0...

8.1CVSS0.0011EPSS

Exploits0References1

EUVD•added 2025/12/18 7:22 a.m.•1 views

EUVD-2025-204135

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Panda panda allows PHP Local File Inclusion.This issue affects Panda: from n/a through = 1.21...

8.2CVSS6.6AI score0.0011EPSS

Exploits0References2

CVE•added 2025/12/18 7:22 a.m.•6 views

CVE-2025-60049

CVE-2025-60049 concerns the WordPress Soleil theme (versions

8.1CVSS6.7AI score0.0011EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by