CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8823 matches found

NVD•added 2025/11/06 4:15 p.m.•3 views

CVE-2025-39466

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Dør dor allows PHP Local File Inclusion.This issue affects Dør: from n/a through = 2.4...

8.1CVSS0.00384EPSS

Exploits0References1

Vulnrichment•added 2025/11/06 3:55 p.m.•1 views

CVE-2025-62075 WordPress Simple Payment plugin <= 2.4.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Ido Kobelkowsky Simple Payment simple-payment.This issue affects Simple Payment: from n/a through = 2.4.6...

7.5CVSS6.7AI score0.00127EPSS

Exploits0References1

CVE•added 2025/11/06 3:55 p.m.•8 views

CVE-2025-62067

CVE-2025-62067 is an Unauthenticated Local File Inclusion in the WordPress Savory theme (Savory) versions up to 2.5, caused by improper control of the filename in Include/Require statements. CVSS v3.1 base score 8.1 (HIGH) with high confidentiality and integrity impact, no availability impact. Co...

8.1CVSS6.7AI score0.0014EPSS

Exploits0References1

CVE•added 2025/11/06 3:55 p.m.•8 views

CVE-2025-62053

CVE-2025-62053 describes a Local File Inclusion (LFI) vulnerability in the WordPress Houzez theme prior to version 4.2.0 . The issue arises from an improper control of the filename used in include/require statements within the PHP code, enabling an attacker to potentially include local files on t...

8.1CVSS6.7AI score0.0014EPSS

Exploits0References1

CVE•added 2025/11/06 3:55 p.m.•5 views

CVE-2025-62014

The CVE-2025-62014 entry documents a Local File Inclusion vulnerability in the WordPress ITok theme (WordPress plugin) versions up to and including 1.1.42. The issue is described as improper control of the filename for include/require statements in PHP, enabling PHP Remote File Inclusion under th...

8.1CVSS6.7AI score0.0014EPSS

Exploits0References1

Vulnrichment•added 2025/11/06 3:55 p.m.•1 views

CVE-2025-62010 WordPress Famita theme <= 1.54 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ApusTheme Famita famita allows PHP Local File Inclusion.This issue affects Famita: from n/a through = 1.54...

8.1CVSS6.7AI score0.00124EPSS

Exploits0References1

CVE•added 2025/11/06 3:55 p.m.•5 views

CVE-2025-62010

CVE-2025-62010 describes an improper control of the filename used in PHP include/require statements in the WordPress Famita theme (Famita,

8.1CVSS6.7AI score0.00124EPSS

Exploits0References1

Vulnrichment•added 2025/11/06 3:55 p.m.•3 views

CVE-2025-60248 WordPress WPC Product Options for WooCommerce plugin <= 3.1.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WPClever WPC Product Options for WooCommerce wpc-product-options allows PHP Local File Inclusion.This issue affects WPC Product Options for WooCommerce: from n/a through = 3.1.3...

7.5CVSS5.9AI score0.00123EPSS

Exploits0References1

Vulnrichment•added 2025/11/06 3:55 p.m.•2 views

CVE-2025-60240 WordPress AnyComment plugin <= 0.3.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Alexander AnyComment anycomment allows PHP Local File Inclusion.This issue affects AnyComment: from n/a through = 0.3.6...

7.5CVSS6.7AI score0.00113EPSS

Exploits0References1

Vulnrichment•added 2025/11/06 3:55 p.m.•1 views

CVE-2025-60201 WordPress WP Customer Area plugin <= 8.3.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in aguilatechnologies WP Customer Area customer-area allows PHP Local File Inclusion.This issue affects WP Customer Area: from n/a through = 8.3.5...

7.5CVSS5.3AI score0.00113EPSS

Exploits0References1

Cvelist•added 2025/11/06 3:54 p.m.•5 views

CVE-2025-60199 WordPress InHype - Blog & Magazine WordPress Theme theme <= 1.5.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in dedalx InHype - Blog & Magazine WordPress Theme inhype allows PHP Local File Inclusion.This issue affects InHype - Blog & Magazine WordPress Theme: from n/a through = 1.5.2...

8.1CVSS0.00124EPSS

Exploits0References1

Vulnrichment•added 2025/11/06 3:54 p.m.•1 views

CVE-2025-60199 WordPress InHype - Blog & Magazine WordPress Theme theme <= 1.5.2 - Local File Inclusion vulnerability

8.1CVSS6.7AI score0.00124EPSS

Exploits0References1

CVE•added 2025/11/06 3:54 p.m.•6 views

CVE-2025-60198

CVE-2025-60198 affects the WordPress plugin/theme Saxon – Viral Content Blog & Magazine Marketing WordPress Theme (Saxon) up to version 1.9.3. The issue is an improper control of the filename for include/require statements, enabling PHP Local File Inclusion. Affected component: Saxon theme (PHP c...

8.1CVSS6.7AI score0.00124EPSS

Exploits0References1

Cvelist•added 2025/11/06 3:54 p.m.•6 views

CVE-2025-60190 WordPress Immocaster WordPress Plugin plugin <= 1.3.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Hinnerk Altenburg Immocaster WordPress Plugin immocaster allows PHP Local File Inclusion.This issue affects Immocaster WordPress Plugin: from n/a through = 1.3.6...

8.1CVSS0.00124EPSS

Exploits0References1

Cvelist•added 2025/11/06 3:54 p.m.•5 views

CVE-2025-58995 WordPress Leblix Theme <= 2.4 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativesPlanet Leblix leblix allows PHP Local File Inclusion.This issue affects Leblix: from n/a through = 2.4...

8.1CVSS0.00124EPSS

Exploits0References1

CVE•added 2025/11/06 3:54 p.m.•6 views

CVE-2025-58995

CVE-2025-58995 affects the WordPress Leblix theme (<= 2.4) with an improper control of filenames in Include/Require, enabling Local File Inclusion. Public descriptions confirm vulnerability in Leblix

8.1CVSS6.7AI score0.00124EPSS

Exploits0References1

EUVD•added 2025/11/06 3:53 p.m.•2 views

EUVD-2025-38016

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Daman Jeet Real Time Validation for Gravity Forms real-time-validation-for-gravity-forms allows PHP Local File Inclusion.This issue affects Real Time Validation for Gravity Forms...

6.6AI score0.00113EPSS

Exploits0References2

EUVD•added 2025/11/06 3:53 p.m.•2 views

EUVD-2025-38017

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in bslthemes Kinsley kinsley allows PHP Local File Inclusion.This issue affects Kinsley: from n/a through = 3.4.4...

6.2AI score0.00124EPSS

Exploits0References2

Vulnrichment•added 2025/11/06 3:53 p.m.•1 views

CVE-2025-48290 WordPress Kinsley theme <= 3.4.4 - Local File Inclusion vulnerability

8.1CVSS6.3AI score0.00124EPSS

Exploits0References1

CVE•added 2025/11/06 3:53 p.m.•22 views

CVE-2025-48290

CVE-2025-48290 affects the WordPress Kinsley theme (and related WordPress ecosystem references) up to version 3.4.4, due to improper control of filenames for include/require statements, enabling Local File Inclusion (LFI). Root cause: PHP filename handling flaw in the Kinsley theme’s include/requ...

8.1CVSS6.3AI score0.00124EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by