8787 matches found
CVE-2026-22511 WordPress NeoBeat theme <= 1.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes NeoBeat neobeat allows PHP Local File Inclusion.This issue affects NeoBeat: from n/a through = 1.2...
CVE-2026-22506
CVE-2026-22506 refers to a Local File Inclusion in the WordPress Amoli theme (Elated-Themes Amoli) via improper control of filename for include/Require in PHP. Affected: Amoli versions through 1.0 (
CVE-2026-22503 WordPress Nelson theme <= 1.2.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Nelson nelson allows PHP Local File Inclusion.This issue affects Nelson: from n/a through = 1.2.0...
CVE-2026-22499
CVE-2026-22499 concerns the WordPress Lella theme. Affected software: Lella versions n/a through 1.2. Root cause: Improper control of filenames used by Include/Require in PHP, enabling Local File Inclusion. Impact per sources: potential PHP Local File Inclusion with high severity (CVSS 3.1 base 8...
CVE-2026-22502 WordPress Mr. Cobbler theme <= 1.1.9 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Mr. Cobbler mr-cobbler allows PHP Local File Inclusion.This issue affects Mr. Cobbler: from n/a through = 1.1.9...
CVE-2026-22499 WordPress Lella theme <= 1.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Lella lella allows PHP Local File Inclusion.This issue affects Lella: from n/a through = 1.2...
CVE-2026-22499 WordPress Lella theme <= 1.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Lella lella allows PHP Local File Inclusion.This issue affects Lella: from n/a through = 1.2...
CVE-2026-22503
CVE-2026-22503 relates to the WordPress Theme Nelson by ThemeREX, where an improper filename validation in PHP include/require statements leads to a PHP Local File Inclusion (LFI) vulnerability. Affected product: Nelson versions from unspecified until <= 1.2.0. The NVD/Red Hat/patch sources de...
CVE-2026-22495 WordPress Greenville theme <= 1.3.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Greenville greenville allows PHP Local File Inclusion.This issue affects Greenville: from n/a through = 1.3.2...
CVE-2026-22493
CVE-2026-22493 describes a Local File Inclusion in WordPress Gaspard theme (<= 1.3) due to improper filename handling for PHP Include/Require. Impact may allow an attacker to disclose or manipulate local files via a PHP inclusion vector. The Red Hat and NVD records confirm the same vulnerabili...
CVE-2026-22494 WordPress Good Homes theme <= 1.3.13 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Good Homes good-homes allows PHP Local File Inclusion.This issue affects Good Homes: from n/a through = 1.3.13...
CVE-2026-22493 WordPress Gaspard theme <= 1.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Gaspard gaspard allows PHP Local File Inclusion.This issue affects Gaspard: from n/a through = 1.3...
CVE-2026-22498 WordPress Laurent theme <= 3.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Laurent laurent allows PHP Local File Inclusion.This issue affects Laurent: from n/a through = 3.1...
CVE-2026-22498
CVE-2026-22498 corresponds to a Local File Inclusion in WordPress Laurent theme versions = 3.2 or the vendor-released patch; as a workaround, avoid including untrusted local files via PHP include/require in the affected theme. The vulnerability affects the WordPress Laurent theme’s inclusion mech...
CVE-2026-22496
CVE-2026-22496 is a local file inclusion (PHP) vulnerability in the WordPress Hypnotherapy theme (Hypnotherapy) up to version 1.2.10. The issue arises from improper control of filenames in include/require statements (PHP RFI). Affected installations could be exploited remotely via the plugin/them...
PT-2026-27974
Name of the Vulnerable Software and Affected Versions Mikado-Themes Belfort versions n/a through 1.0 Description A flaw exists in the handling of filenames used in include/require statements within a PHP program, specifically a PHP Local File Inclusion issue in Mikado-Themes Belfort. This allows...
PT-2026-27820
Name of the Vulnerable Software and Affected Versions Laurent versions prior to 3.1 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local files within t...
PT-2026-27932
Name of the Vulnerable Software and Affected Versions jwsthemes IdealAuto versions prior to 3.8.6 Description A flaw exists in the handling of filenames used in include/require statements within the PHP program, specifically in jwsthemes IdealAuto. This allows for PHP Local File Inclusion. The...
PT-2026-27979
Name of the Vulnerable Software and Affected Versions Mikado-Themes Deston versions n/a through 1.0 Description A flaw exists in the handling of filenames for include/require statements within a PHP program, specifically a PHP Remote File Inclusion issue in Mikado-Themes Deston. This allows for P...
PT-2026-27954
Name of the Vulnerable Software and Affected Versions Select-Themes Moments versions n/a through 2.2 Description A flaw exists in the handling of file names within the include/require statements of a PHP program, specifically a PHP Local File Inclusion issue in Select-Themes Moments. This allows...