CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

8797 matches found

Cvelist•added 2026/03/05 5:53 a.m.•24 views

CVE-2026-27337 WordPress Chronicle - Lifestyle Magazine & Blog WordPress Theme theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Chronicle - Lifestyle Magazine & Blog WordPress Theme chronicle allows PHP Local File Inclusion.This issue affects Chronicle - Lifestyle Magazine & Blog WordPress...

8.1CVSS0.00056EPSS

Exploits0References1

ATTACKERKB•added 2026/03/05 5:53 a.m.•3 views

CVE-2026-27326

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme window-ac-services allows PHP Local File Inclusion.This issue affects AC Services | HVAC, Air...

5.9AI score0.00172EPSS

Exploits0References2

CVE•added 2026/03/05 5:53 a.m.•7 views

CVE-2026-27097

CVE-2026-27097 affects AncoraThemes CasaMia WordPress Theme (≤1.1.2). The vulnerability is a PHP Local File Inclusion caused by improper control of filenames in include/require. Impact: potential disclosure of local files; CVSS 3.1Base 8.1 (High). Patch status in reports: Unpatched; remediation g...

8.1CVSS5.9AI score0.00056EPSS

Exploits1References1

ATTACKERKB•added 2026/03/05 5:53 a.m.•3 views

CVE-2026-27097

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes CasaMia | Property Rental Real Estate WordPress Theme casamia allows PHP Local File Inclusion.This issue affects CasaMia | Property Rental Real Estate WordPress Them...

5.9AI score0.00056EPSS

Exploits1References2

CVE•added 2026/03/05 5:53 a.m.•5 views

CVE-2026-27326

CVE-2026-27326 affects the AC Services | HVAC WordPress theme (window-ac-services), with Improper Handling of Include/Require in PHP leading to Local File Inclusion. Public reports (Wordfence) indicate the issue exists for theme versions up to 1.2.5 and is currently Unpatched. Affected component ...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•24 views

CVE-2026-23801 WordPress The Issue theme <= 1.6.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes The Issue theissue allows PHP Local File Inclusion.This issue affects The Issue: from n/a through = 1.6.11...

8.1CVSS0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•26 views

CVE-2026-22476 WordPress Etchy theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Etchy etchy allows PHP Local File Inclusion.This issue affects Etchy: from n/a through = 1.0...

8.1CVSS0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•1 views

CVE-2026-22476 WordPress Etchy theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Etchy etchy allows PHP Local File Inclusion.This issue affects Etchy: from n/a through = 1.0...

5.8AI score0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•25 views

CVE-2026-22456 WordPress Askka theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Askka askka allows PHP Local File Inclusion.This issue affects Askka: from n/a through = 1.0...

8.1CVSS0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•0 views

CVE-2026-22456 WordPress Askka theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Askka askka allows PHP Local File Inclusion.This issue affects Askka: from n/a through = 1.0...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•2 views

CVE-2026-22452 WordPress Hoverex theme <= 1.5.10 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Hoverex hoverex allows PHP Local File Inclusion.This issue affects Hoverex: from n/a through = 1.5.10...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•5 views

CVE-2026-22446

CVE-2026-22446 affects WordPress theme Prowess (Select-Themes) up to version 1.8.1. Root cause: improper control of filename for include/require in PHP, enabling PHP Local File Inclusion. Impact: high-severity risk (LFI) per sources. Remediation: upgrade to a version later than 1.8.1 (vendor guid...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•0 views

CVE-2026-22446 WordPress Prowess theme <= 1.8.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Prowess prowess allows PHP Local File Inclusion.This issue affects Prowess: from n/a through = 1.8.1...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•5 views

CVE-2026-22449

CVE-2026-22449 affects WordPress theme Don Peppe (Don Peppe: <= 1.3). The vulnerability is a PHP Local File Inclusion caused by Improper Control of Filename for Include/Require (PHP Remote File Inclusion). Wordfence notes this as an unauthenticated LFI vulnerability and indicates it remains un...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•0 views

CVE-2026-22443 WordPress Alliance theme <= 3.1.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Alliance alliance allows PHP Local File Inclusion.This issue affects Alliance: from n/a through = 3.1.1...

5.8AI score0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•25 views

CVE-2026-22439 WordPress Green Planet theme <= 1.1.14 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Green Planet green-planet allows PHP Local File Inclusion.This issue affects Green Planet: from n/a through = 1.1.14...

8.1CVSS0.00172EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•5 views

CVE-2026-22442

CVE-2026-22442 is a Local File Inclusion vulnerability in the WordPress Tribe theme (LaunchandSell Tribe) affecting versions up to 1.7.3. The issue is caused by improper handling of filename resolution in include/require statements, enabling an attacker to potentially include local files via PHP....

8.1CVSS5.9AI score0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•27 views

CVE-2026-22441 WordPress Zentrum theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Zentrum zentrum allows PHP Local File Inclusion.This issue affects Zentrum: from n/a through = 1.0...

8.1CVSS0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•25 views

CVE-2026-22442 WordPress Tribe theme <= 1.7.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LaunchandSell Tribe tribe allows PHP Local File Inclusion.This issue affects Tribe: from n/a through = 1.7.3...

8.1CVSS0.00172EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•8 views

CVE-2026-22436

CVE-2026-22436 describes an unauthenticated Local File Inclusion in the WordPress theme Helvig by Elated-Themes, affecting Helvig versions up to 1.0. The flaw arises from improper control of the filename used in PHP include/require statements (PHP Local File Inclusion). Public sources identify th...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by