8828 matches found
CVE-2025-53334
CVE-2025-53334 is a Local File Inclusion vulnerability in the WordPress Jannah theme (
CVE-2025-53326
CVE-2025-53326 describes an Unauthenticated Local File Inclusion in the WordPress Gutenify plugin (CodeYatri Gutenify) due to Improper Control of Filename for Include/Require Statements. Affected versions are Gutenify up to 1.5.6 (and earlier references show up to 1.5.4 in some advisories). The C...
CVE-2025-53328 WordPress Poll, Survey & Quiz Maker Plugin by Opinion Stage Plugin <= 19.11.0 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Opinion Stage Poll, Survey & Quiz Maker Plugin by Opinion Stage social-polls-by-opinionstage allows PHP Local File Inclusion.This issue affects Poll, Survey & Quiz Maker Plugin b...
CVE-2025-53248
CVE-2025-53248 affects the WordPress theme Eximious Magazine (Magazine: versions up to 1.2.2). The issue is an improper control of filename for Include/Require statements in PHP, enabling Local File Inclusion (LFI). Public sources consistently identify Eximious Magazine <= 1.2.2 as vulnerable ...
CVE-2025-53244 WordPress Magazine Elite Theme <= 1.2.4 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Unfoldwp Magazine Elite allows PHP Local File Inclusion. This issue affects Magazine Elite: from n/a through 1.2.4...
CVE-2025-53216
CVE-2025-53216 affects ThemeUniver Glamer (WordPress theme)
CVE-2025-49383 WordPress Neresa Theme <= 1.3 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CocoBasic Neresa allows PHP Local File Inclusion. This issue affects Neresa: from n/a through 1.3...
CVE-2025-49383 WordPress Neresa Theme <= 1.3 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CocoBasic Neresa neresa-wp allows PHP Local File Inclusion.This issue affects Neresa: from n/a through = 1.3...
PT-2025-35048
Name of the Vulnerable Software and Affected Versions: Unfoldwp Magazine Saga versions through 1.2.7 Description: The software contains an Improper Control of Filename for Include/Require Statement 'PHP Remote File Inclusion' issue, allowing PHP Local File Inclusion. Recommendations: Update...
PT-2025-35053
Name of the Vulnerable Software and Affected Versions: Unfoldwp Magazine versions through 1.2.2 Description: The software contains an Improper Control of Filename for Include/Require Statement, leading to a PHP Local File Inclusion issue. Recommendations: Update Unfoldwp Magazine to a version lat...
PT-2025-35058
Name of the Vulnerable Software and Affected Versions: TieLabs Jannah versions through 7.4.1 Description: The software contains an Improper Control of Filename for Include/Require Statement, leading to a PHP Local File Inclusion issue. Recommendations: Update Jannah to a version later than 7.4.1...
PT-2025-35062
Name of the Vulnerable Software and Affected Versions: gavias Kipso versions through 1.3.4 Description: The software contains an Improper Control of Filename for Include/Require Statement 'PHP Remote File Inclusion' vulnerability, which allows for PHP Local File Inclusion. Recommendations: Update...
PT-2025-35043
Name of the Vulnerable Software and Affected Versions: Glamer versions through 1.0.2 Description: The software contains an Improper Control of Filename for Include/Require Statement, specifically a PHP Local File Inclusion issue. Recommendations: Update to a version beyond 1.0.2...
PT-2025-35052
Name of the Vulnerable Software and Affected Versions: BlogMarks versions n/a through 1.0.8 Description: A PHP Local File Inclusion issue exists in WPInterface BlogMarks due to improper control of filename for include/require statements. This allows for potential exploitation through PHP Remote...
CVE-2025-9529
CVE-2025-9529 affects Campcodes Payroll Management System 1.0. The vulnerability is a remote file inclusion caused by manipulating the page argument in the /index.php include function. Multiple sources confirm this weakness and remote exploitation is possible, with public exploits available. No s...
Linux Distros Unpatched Vulnerability : CVE-2022-1120
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing filtering in an error message in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 exposed sensitive...
Linux Distros Unpatched Vulnerability : CVE-2018-17567
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jekyll through 3.6.2, 3.7.x through 3.7.3, and 3.8.x through 3.8.3 allows attackers to access arbitrary files by specifying a symlink in the include key in the...
Linux Distros Unpatched Vulnerability : CVE-2016-7998
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading an HTML file with a...
CVE-2025-54750
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Aman Funnel Builder by FunnelKit funnel-builder allows PHP Local File Inclusion.This issue affects Funnel Builder by FunnelKit: from n/a through = 3.11.1...
CVE-2025-54031
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Schiocco Support Board supportboard allows PHP Local File Inclusion.This issue affects Support Board: from n/a through = 3.8.0...