CVE-2025-67530

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Besa besa allows PHP Local File Inclusion.This issue affects Besa: from n/a through = 2.3.15...

CVE-2025-67532

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Hara hara allows PHP Local File Inclusion.This issue affects Hara: from n/a through = 1.2.17...

CVE-2025-67531

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in trippleS Turitor turitor allows PHP Local File Inclusion.This issue affects Turitor: from n/a through 1.5.3...

CVE-2025-67528

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Urna urna allows PHP Local File Inclusion.This issue affects Urna: from n/a through = 2.5.12...

CVE-2025-67524

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NooTheme Jobmonster Elementor Addon jobmonster-addon allows PHP Local File Inclusion.This issue affects Jobmonster Elementor Addon: from n/a through = 1.1.4...

CVE-2025-67515

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Wilmër wilmer allows PHP Local File Inclusion.This issue affects Wilmër: from n/a through 3.5...

CVE-2025-67515

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Wilmër wilmer allows PHP Local File Inclusion.This issue affects Wilmër: from n/a through 3.5...

CVE-2025-63074

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Dream-Theme The7 dt-the7 allows PHP Local File Inclusion.This issue affects The7: from n/a through 12.8.1.1...

CVE-2025-63062

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AndonDesign UDesign Core u-design-core allows PHP Local File Inclusion.This issue affects UDesign Core: from n/a through = 4.14.0...

CVE-2025-63036

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in DFDevelopment Ronneby Theme Core ronneby-core allows PHP Local File Inclusion.This issue affects Ronneby Theme Core: from n/a through = 1.5.68...

CVE-2025-63076

CVE-2025-63076 affects The7 Elements (dt-the7-core) up to version 2.7.11, enabling PHP Local File Inclusion due to improper filename control in Include/Require. Multiple sources (Wordfence, CVE listings) confirm this vulnerability and indicate it has been patched. The advisory notes the issue as ...

CVE-2025-63074 WordPress The7 theme < 12.8.1.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Dream-Theme The7 dt-the7 allows PHP Local File Inclusion.This issue affects The7: from n/a through 12.8.1.1...

CVE-2025-63062

CVE-2025-63062 affects the WordPress UDesign Core plugin (≤ 4.14.0). The issue is an improper control of filenames for PHP include/require statements, leading to PHP Local File Inclusion (LFI) in u-design-core. Documents describe it as a PHP Remote File Inclusion vulnerability that actually permi...

CVE-2025-63062 WordPress UDesign Core plugin <= 4.14.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AndonDesign UDesign Core u-design-core allows PHP Local File Inclusion.This issue affects UDesign Core: from n/a through = 4.14.0...

CVE-2025-67532 WordPress Hara theme <= 1.2.17 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Hara hara allows PHP Local File Inclusion.This issue affects Hara: from n/a through = 1.2.17...

CVE-2025-67529 WordPress Fashion theme < 5.3.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in OpalWP Fashion fashion2 allows PHP Local File Inclusion.This issue affects Fashion: from n/a through 5.3.0...

CVE-2025-67529 WordPress Fashion theme < 5.3.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in OpalWP Fashion fashion2 allows PHP Local File Inclusion.This issue affects Fashion: from n/a through 5.3.0...

CVE-2025-67526 WordPress Sailing theme < 4.4.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThimPress Sailing sailing allows PHP Local File Inclusion.This issue affects Sailing: from n/a through 4.4.6...

CVE-2025-67526

CVE-2025-67526 affects Sailing (WordPress theme) older than 4.4.6. It is a Local File Inclusion via improper filename handling in PHP include/require, exploitable by authenticated users with Contributor+ privileges. The WordFence vulnerability list notes a high severity (9.8 in some entries; CVSS...

CVE-2025-67528 WordPress Urna theme <= 2.5.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Urna urna allows PHP Local File Inclusion.This issue affects Urna: from n/a through = 2.5.12...