Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8834 matches found

NVD
NVDadded 2026/01/22 5:15 p.m.2 views

CVE-2025-54003

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Depot depot allows PHP Local File Inclusion.This issue affects Depot: from n/a through = 1.16...

8.1CVSS0.00504EPSS
Exploits0References1
NVD
NVDadded 2026/01/22 5:15 p.m.3 views

CVE-2025-49994

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme Athens athens allows PHP Local File Inclusion.This issue affects Athens: from n/a through = 1.1.6...

8.1CVSS0.00519EPSS
Exploits0References1
NVD
NVDadded 2026/01/22 5:15 p.m.5 views

CVE-2025-47474

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Ninetheme Anarkali anarkali allows PHP Local File Inclusion.This issue affects Anarkali: from n/a through = 1.0.9...

8.1CVSS0.00561EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/01/22 4:52 p.m.1 views

CVE-2026-24390 WordPress Kentha Elementor Widgets plugin < 3.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in QantumThemes Kentha Elementor Widgets kentha-elementor allows PHP Local File Inclusion.This issue affects Kentha Elementor Widgets: from n/a through 3.1...

7.5CVSS5.9AI score0.00306EPSS
Exploits0References1
CVE
CVEadded 2026/01/22 4:52 p.m.10 views

CVE-2026-23975

CVE-2026-23975 is a WordPress Golo theme vulnerability (Golo

7.5CVSS5.5AI score0.00384EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/01/22 4:52 p.m.2 views

CVE-2026-23978

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Softwebmedia Gyan Elements gyan-elements allows PHP Local File Inclusion.This issue affects Gyan Elements: from n/a through = 2.2.1...

9.8CVSS5.4AI score0.00384EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/01/22 4:52 p.m.2 views

CVE-2026-22464

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows PHP Local File Inclusion.This issue affects My auctions allegro: from n/a through = 3.6.33...

7.5CVSS5.4AI score0.00484EPSS
Exploits0References2
CVE
CVEadded 2026/01/22 4:52 p.m.9 views

CVE-2026-22402

CVE-2026-22402 describes an improper filename control in the WordPress theme Triply (Triply Tour Booking) that enables PHP Local File Inclusion (LFI) via include/require. Affected: Triply versions from n/a through 2.4.7. Root cause: improper validation of included file paths, allowing an attacker...

7.5CVSS5.5AI score0.0037EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/01/22 4:52 p.m.2 views

CVE-2026-22402

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in pavothemes Triply triply allows PHP Local File Inclusion.This issue affects Triply: from n/a through = 2.4.7...

7.5CVSS5.4AI score0.0037EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/01/22 4:52 p.m.2 views

CVE-2026-22401

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in pavothemes Freshio freshio allows PHP Local File Inclusion.This issue affects Freshio: from n/a through = 2.4.2...

7.5CVSS5.4AI score0.0037EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/01/22 4:52 p.m.3 views

CVE-2025-69314

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes Werkstatt werkstatt allows PHP Local File Inclusion.This issue affects Werkstatt: from n/a through 4.8.3...

8.1CVSS5.3AI score0.00403EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/01/22 4:52 p.m.16 views

CVE-2025-69314 WordPress Werkstatt theme < 4.8.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes Werkstatt werkstatt allows PHP Local File Inclusion.This issue affects Werkstatt: from n/a through 4.8.3...

8.1CVSS0.00403EPSS
Exploits0References1
CVE
CVEadded 2026/01/22 4:52 p.m.9 views

CVE-2025-69075

CVE-2025-69075 is an Granular WordPress Yolox theme Local File Inclusion (LFI) vulnerability. The Yolox WordPress theme is affected from n/a up to and including version 1.0.15, due to improper control of filenames in PHP include/require statements. The NVD/Red Hat entries describe the issue as an...

8.1CVSS5.5AI score0.00512EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/01/22 4:52 p.m.1 views

CVE-2025-69078

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Malta malta allows PHP Local File Inclusion.This issue affects Malta: from n/a through = 1.3.3...

8.1CVSS5.3AI score0.00512EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/01/22 4:52 p.m.3 views

CVE-2025-69077

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Hobo hobo allows PHP Local File Inclusion.This issue affects Hobo: from n/a through = 1.0.10...

8.1CVSS5.3AI score0.00403EPSS
Exploits0References2
CVE
CVEadded 2026/01/22 4:52 p.m.13 views

CVE-2025-69073

CVE-2025-69073 is described as an "Improper Control of Filename for Include/Require Statement" (PHP Local File Inclusion) in the WordPress theme/plugin "Piqes" by AncoraThemes. The vulnerability affects Piqes versions up to and including 1.0.11, and the description indicates an inclusion/require ...

8.1CVSS5.5AI score0.00512EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/01/22 4:52 p.m.1 views

CVE-2025-69073 WordPress Piqes theme <= 1.0.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Piqes piqes allows PHP Local File Inclusion.This issue affects Piqes: from n/a through = 1.0.11...

8.1CVSS5.9AI score0.00512EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/01/22 4:52 p.m.2 views

CVE-2025-69071

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes TanTum tantum allows PHP Local File Inclusion.This issue affects TanTum: from n/a through = 1.1.13...

8.1CVSS5.3AI score0.00512EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/01/22 4:52 p.m.3 views

CVE-2025-69074

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Pearson Specter pearsonspecter allows PHP Local File Inclusion.This issue affects Pearson Specter: from n/a through = 1.11.3...

8.1CVSS5.3AI score0.00512EPSS
Exploits0References2
CVE
CVEadded 2026/01/22 4:52 p.m.16 views

CVE-2025-69065

CVE-2025-69065 — In the WordPress theme WordPress Snow Mountain (AncoraThemes) there is an issue described as an improper control of filenames for PHP Include/Require, resulting in a Local File Inclusion (LFI) vulnerability. Affected: Snow Mountain versions

8.1CVSS5.5AI score0.00403EPSS
Exploits0References1
Rows per page
Query Builder