CVE-2025-69356

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows PHP Local File Inclusion.This issue affects TheGem Theme Elements for Elementor: from n/a through...

CVE-2025-69083

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Frappé frappe allows PHP Local File Inclusion.This issue affects Frappé: from n/a through = 1.8...

CVE-2025-69342

CVE-2025-69342 affects the Calafate WordPress Theme (Calafate – Portfolio & WooCommerce Creative WordPress Theme) up to version 1.7.7. Wordfence reports an Authenticated Local File Inclusion vulnerability via an include/require path in the theme, i.e., a user with Contributor+ privileges could ca...

CVE-2025-69342 WordPress Calafate theme <= 1.7.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in VanKarWai Calafate calafate allows PHP Local File Inclusion.This issue affects Calafate: from n/a through = 1.7.7...

CVE-2025-69086

CVE-2025-69086 (Issabella theme) is an unauthenticated Local File Inclusion in the Issabella WordPress theme (

CVE-2025-69087

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jwsthemes FreeAgent freeagent allows PHP Local File Inclusion.This issue affects FreeAgent: from n/a through = 2.1.2...

WordPress plugin Calafate 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin Issabella 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2026-1496

Name of the Vulnerable Software and Affected Versions Elated-Themes Frappé versions through 1.8 Description An improper control of filename for include/require statement exists in Elated-Themes Frappé, allowing for PHP Local File Inclusion. The issue involves the potential for an attacker to...

CVE-2025-69087

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jwsthemes FreeAgent freeagent allows PHP Local File Inclusion.This issue affects FreeAgent: from n/a through = 2.1.2...

CVE-2025-62753

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in MadrasThemes MAS Videos masvideos allows PHP Local File Inclusion.This issue affects MAS Videos: from n/a through = 1.3.4...

CVE-2025-69034

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Lekker lekker allows PHP Local File Inclusion.This issue affects Lekker: from n/a through = 1.8...

CVE-2025-68983

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Greenmart greenmart allows PHP Local File Inclusion.This issue affects Greenmart: from n/a through = 4.2.11...

CVE-2025-68996

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows PHP Local File Inclusion.This issue affects Responsive Posts Carousel Pro: from n/a through = 15...

CVE-2025-68984

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Puca puca allows PHP Local File Inclusion.This issue affects Puca: from n/a through = 2.6.39...

EUVD-2025-205865

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in MadrasThemes MAS Videos allows PHP Local File Inclusion.This issue affects MAS Videos: from n/a through 1.3.2...

CVE-2025-62753

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in MadrasThemes MAS Videos masvideos allows PHP Local File Inclusion.This issue affects MAS Videos: from n/a through = 1.3.4...

CVE-2025-68870

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in reDim GmbH CookieHint WP cookiehint-wp allows PHP Local File Inclusion.This issue affects CookieHint WP: from n/a through = 1.0.0...

EUVD-2025-205761

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows PHP Local File Inclusion.This issue affects WordPress Social Login and Register: from n/a through =...

CVE-2025-69034

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Lekker lekker allows PHP Local File Inclusion.This issue affects Lekker: from n/a through = 1.8...