CVE-2025-58923 WordPress Critique theme <= 1.17 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Critique critique allows PHP Local File Inclusion.This issue affects Critique: from n/a through = 1.17...

CVE-2025-58899

CVE-2025-58899 affects WordPress Frame/AncoraThemes Frame frame versions up to and including 2.4.0. The vulnerability is a PHP Local File Inclusion caused by improper control of the filename for include/require statements. As described in the sources, this can lead to local file inclusion within ...

CVE-2025-58896 WordPress Otaku theme <= 1.8.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Otaku otaku allows PHP Local File Inclusion.This issue affects Otaku: from n/a through = 1.8.0...

CVE-2025-58894 WordPress Good Mood theme <= 1.16 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Good Mood good-mood allows PHP Local File Inclusion.This issue affects Good Mood: from n/a through = 1.16...

CVE-2025-58891 WordPress Sanger theme <= 1.24.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Sanger sanger allows PHP Local File Inclusion.This issue affects Sanger: from n/a through = 1.24.0...

CVE-2025-58895 WordPress Integro theme <= 1.8.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Integro integro allows PHP Local File Inclusion.This issue affects Integro: from n/a through = 1.8.0...

CVE-2025-58892 WordPress Tourimo theme <= 1.2.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Tourimo tourimo allows PHP Local File Inclusion.This issue affects Tourimo: from n/a through = 1.2.3...

CVE-2025-58892 WordPress Tourimo theme <= 1.2.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Tourimo tourimo allows PHP Local File Inclusion.This issue affects Tourimo: from n/a through = 1.2.3...

CVE-2025-58895

CVE-2025-58895 affects the WordPress Integro theme (

CVE-2025-58889 WordPress Towny theme <= 1.16 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Towny towny allows PHP Local File Inclusion.This issue affects Towny: from n/a through = 1.16...

CVE-2025-58885 WordPress Pathfinder theme <= 1.16 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Pathfinder pathfinder allows PHP Local File Inclusion.This issue affects Pathfinder: from n/a through = 1.16...

CVE-2025-58889 WordPress Towny theme <= 1.16 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Towny towny allows PHP Local File Inclusion.This issue affects Towny: from n/a through = 1.16...

CVE-2025-58888 WordPress The Flash theme <= 1.15 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes The Flash theflash allows PHP Local File Inclusion.This issue affects The Flash: from n/a through = 1.15...

CVE-2025-58889

Summary: CVE-2025-58889 affects the WordPress Towny theme (versions prior to 1.17). The root cause is improper control of filenames in include/require statements, enabling a PHP Local File Inclusion (LFI) vulnerability. Affected component: Towny plugin/theme code for WordPress. Impact: potential ...

CVE-2025-58890

CVE-2025-58890 concerns WordPress/AncoraThemes Playful theme versions up to and including 1.19.0, where an improper control of filename for include/require statements enables PHP Local File Inclusion. The advisory documents indicate a PHP Local File Inclusion vulnerability in Playful, affecting v...

CVE-2025-58708 WordPress 777 theme <= 1.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes 777 triple-seven allows PHP Local File Inclusion.This issue affects 777: from n/a through = 1.3...

CVE-2025-58803 WordPress Algenix theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Algenix algenix allows PHP Local File Inclusion.This issue affects Algenix: from n/a through = 1.0...

CVE-2025-53448 WordPress Rally theme <= 1.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Rally rally allows PHP Local File Inclusion.This issue affects Rally: from n/a through = 1.1...

CVE-2025-53443 WordPress Smash theme <= 1.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Smash smash allows PHP Local File Inclusion.This issue affects Smash: from n/a through = 1.7...

CVE-2025-53447 WordPress Assembly theme <= 1.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Assembly assembly allows PHP Local File Inclusion.This issue affects Assembly: from n/a through = 1.1...