CVE-2025-54709

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in uxper Sala sala.This issue affects Sala: from n/a through = 1.1.6...

CVE-2025-54709 WordPress Sala Theme <= 1.1.6 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in uxper Sala sala.This issue affects Sala: from n/a through = 1.1.6...

CVE-2025-54709 WordPress Sala Theme <= 1.1.6 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in uxper Sala. This issue affects Sala: from n/a through 1.1.6...

CVE-2025-54709

CVE-2025-54709 is a Local File Inclusion vulnerability in the WordPress Sala theme (versions

WordPress plugin Include Me 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...

PT-2025-36795

Name of the Vulnerable Software and Affected Versions: gavias Ziston affected versions not specified Description: The software contains an Improper Control of Filename for Include/Require Statement, leading to a PHP Local File Inclusion issue. This allows for the inclusion of local files within t...

PT-2025-36804

Name of the Vulnerable Software and Affected Versions: Include Me versions through 1.3.2 Description: The software contains a cross-site scripting XSS issue due to improper neutralization of input during web page generation. This allows for stored XSS attacks. Recommendations: Update Include Me t...

PT-2025-36782

Name of the Vulnerable Software and Affected Versions: uxper Sala versions n/a through 1.1.6 Description: The software contains an Improper Control of Filename for Include/Require Statement, also known as a PHP Remote File Inclusion issue. This allows for the inclusion of remote files, potentiall...

PT-2025-36763

Name of the Vulnerable Software and Affected Versions: highwarden Super Store Finder versions through 6.9.7 Description: The software contains an Improper Control of Filename for Include/Require Statement 'PHP Remote File Inclusion' issue. Recommendations: Update to a version later than 6.9.7...

CVE-2025-58214

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in gavias Indutri indutri allows PHP Local File Inclusion.This issue affects Indutri: from n/a through 1.3.0...

CVE-2025-58214

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in gavias Indutri indutri allows PHP Local File Inclusion.This issue affects Indutri: from n/a through 1.3.0...

CVE-2025-58206

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove MaxCoach allows PHP Local File Inclusion. This issue affects MaxCoach: from n/a through 3.2.5...

CVE-2025-58206

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove MaxCoach maxcoach allows PHP Local File Inclusion.This issue affects MaxCoach: from n/a through = 3.2.5...

CVE-2025-58206 WordPress MaxCoach Theme <= 3.2.5 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove MaxCoach maxcoach allows PHP Local File Inclusion.This issue affects MaxCoach: from n/a through = 3.2.5...

CVE-2025-58637

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in immonex immonex Kickstart immonex-kickstart allows PHP Local File Inclusion.This issue affects immonex Kickstart: from n/a through = 1.11.6...

PT-2025-36255

Name of the Vulnerable Software and Affected Versions: gavias Indutri versions prior to 1.3.0 Description: The software contains an Improper Control of Filename for Include/Require Statement issue, also known as a PHP Remote File Inclusion. This allows for PHP Local File Inclusion. Recommendation...

CVE-2025-9920 Campcodes Recruitment Management System index.php include file inclusion

A security flaw has been discovered in Campcodes Recruitment Management System 1.0. This impacts the function include of the file /admin/index.php. The manipulation of the argument page results in file inclusion. It is possible to launch the attack remotely. The exploit has been released to the...

CVE-2025-58637

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in immonex immonex Kickstart immonex-kickstart allows PHP Local File Inclusion.This issue affects immonex Kickstart: from n/a through = 1.11.6...

CVE-2025-58608 WordPress MediaPress Plugin <= 1.5.9.1 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BuddyDev MediaPress mediapress allows PHP Local File Inclusion.This issue affects MediaPress: from n/a through = 1.5.9.1...

CVE-2025-9260

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to PHP Object Injection in versions 5.1.16 to 6.1.1 via deserialization of untrusted input in the parseUserProperties function. This makes it possible for authenticated...