PT-2025-52084

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Anubis anubis allows PHP Local File Inclusion.This issue affects Anubis: from n/a through = 1.25...

SUSE-SU-2025:21066-1 Security update for sssd

This update for sssd fixes the following issues: - CVE-2025-11561: Fixed default Kerberos configuration allowing privilege escalation on AD-joined Linux systems bsc1251827 Other fixes: - Install file in krb5.conf.d to include sssd krb5 config snippets bsc1244325...

EUVD-2025-38113

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Kyle Phillips Favorites favorites allows PHP Local File Inclusion.This issue affects Favorites: from n/a through = 2.3.6...

EUVD-2025-38118

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in owenr88 Simple Contact Forms simple-contact-forms allows PHP Local File Inclusion.This issue affects Simple Contact Forms: from n/a through = 1.6.4...

EUVD-2008-2879

Malware in sbrugna...

EUVD-2025-14798

Malicious code in bioql PyPI...

EUVD-2025-7942

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-29221

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. Prior to versions 3.1.45 and 4.1.1, template...

CVE-2023-6553

The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. This is due to an attacker being able to control the values passed to an include, and subsequently leverage that to achieve remote...

CVE-2025-30596

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in tstafford include-file include-file allows Path Traversal.This issue affects include-file: from n/a through = 1...

CVE-2025-30596

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in tstafford include-file include-file allows Path Traversal.This issue affects include-file: from n/a through = 1...

CVE-2025-30596 WordPress include-file plugin <= 1 - Arbitrary File Download Vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in tstafford include-file include-file allows Path Traversal.This issue affects include-file: from n/a through = 1...

CVE-2025-30596 WordPress include-file plugin <= 1 - Arbitrary File Download Vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in tstafford include-file include-file allows Path Traversal.This issue affects include-file: from n/a through = 1...

CVE-2025-30596

CVE-2025-30596 concerns an authenticated path traversal vulnerability in the WordPress plugin 'include-file' (

PT-2025-14703 · Unknown · Notfound Include-File

Name of the Vulnerable Software and Affected Versions: NotFound include-file versions n/a through 1 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability, in the NotFound include-file. This vulnerability...

WordPress plugin include-file 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

CVE-2025-30595

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tstafford include-file include-file allows Stored XSS.This issue affects include-file: from n/a through = 1...

CVE-2025-30595

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tstafford include-file include-file allows Stored XSS.This issue affects include-file: from n/a through = 1...

CVE-2025-30595 WordPress include-file plugin <= 1 Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tstafford include-file include-file allows Stored XSS.This issue affects include-file: from n/a through = 1...

CVE-2025-30595

CVE-2025-30595 describes a stored XSS in the WordPress project/component named "include-file" due to improper input neutralization during web page generation. Affected: include-file (WordPress plugin/component named include-file). Exploitation details are not provided beyond the stored XSS classi...