8799 matches found
CVE-2026-22493
CVE-2026-22493 describes a Local File Inclusion in WordPress Gaspard theme (<= 1.3) due to improper filename handling for PHP Include/Require. Impact may allow an attacker to disclose or manipulate local files via a PHP inclusion vector. The Red Hat and NVD records confirm the same vulnerabili...
CVE-2026-22493 WordPress Gaspard theme <= 1.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Gaspard gaspard allows PHP Local File Inclusion.This issue affects Gaspard: from n/a through = 1.3...
CVE-2026-22498
CVE-2026-22498 corresponds to a Local File Inclusion in WordPress Laurent theme versions = 3.2 or the vendor-released patch; as a workaround, avoid including untrusted local files via PHP include/require in the affected theme. The vulnerability affects the WordPress Laurent theme’s inclusion mech...
CVE-2026-22496
CVE-2026-22496 is a local file inclusion (PHP) vulnerability in the WordPress Hypnotherapy theme (Hypnotherapy) up to version 1.2.10. The issue arises from improper control of filenames in include/require statements (PHP RFI). Affected installations could be exploited remotely via the plugin/them...
CVE-2026-22498 WordPress Laurent theme <= 3.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Laurent laurent allows PHP Local File Inclusion.This issue affects Laurent: from n/a through = 3.1...
PT-2026-27979
Name of the Vulnerable Software and Affected Versions Mikado-Themes Deston versions n/a through 1.0 Description A flaw exists in the handling of filenames for include/require statements within a PHP program, specifically a PHP Remote File Inclusion issue in Mikado-Themes Deston. This allows for P...
PT-2026-27820
Name of the Vulnerable Software and Affected Versions Laurent versions prior to 3.1 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local files within t...
PT-2026-27932
Name of the Vulnerable Software and Affected Versions jwsthemes IdealAuto versions prior to 3.8.6 Description A flaw exists in the handling of filenames used in include/require statements within the PHP program, specifically in jwsthemes IdealAuto. This allows for PHP Local File Inclusion. The...
PT-2026-27974
Name of the Vulnerable Software and Affected Versions Mikado-Themes Belfort versions n/a through 1.0 Description A flaw exists in the handling of filenames used in include/require statements within a PHP program, specifically a PHP Local File Inclusion issue in Mikado-Themes Belfort. This allows...
PT-2026-27816
Name of the Vulnerable Software and Affected Versions Elated-Themes Gaspard versions n/a through 1.3 Description A flaw exists in the handling of filenames for Include/Require statements within a PHP program, specifically a PHP Remote File Inclusion issue in Elated-Themes Gaspard. This allows for...
PT-2026-27954
Name of the Vulnerable Software and Affected Versions Select-Themes Moments versions n/a through 2.2 Description A flaw exists in the handling of file names within the include/require statements of a PHP program, specifically a PHP Local File Inclusion issue in Select-Themes Moments. This allows...
PT-2026-27821
Name of the Vulnerable Software and Affected Versions Elated-Themes Lella versions n/a through 1.2 Description The software contains a flaw due to improper control of the filename for Include/Require statements in the PHP program, leading to a PHP Local File Inclusion issue. The vulnerable...
PT-2026-27819
Name of the Vulnerable Software and Affected Versions AncoraThemes Hypnotherapy versions through 1.2.10 Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Loc...
PT-2026-27834
Name of the Vulnerable Software and Affected Versions AncoraThemes Triompher versions through 1.1.0 Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Local...
PT-2026-27980
Name of the Vulnerable Software and Affected Versions Mikado-Themes Rosebud versions through 1.4 Description A flaw exists in the handling of filenames used in include/require statements within the PHP code of Mikado-Themes Rosebud, leading to a PHP Local File Inclusion issue. This allows for the...
PT-2026-27824
Name of the Vulnerable Software and Affected Versions ThemeREX Nelson versions n/a through 1.2.0 Description A flaw exists in ThemeREX Nelson due to improper control of filename handling for include/require statements in the PHP program, leading to a PHP Local File Inclusion issue. The...
PT-2026-27835
Name of the Vulnerable Software and Affected Versions AncoraThemes Unica versions through 1.4.1 Description The software contains a flaw related to improper control of filename handling for include/require statements, leading to a PHP Remote File Inclusion issue. This allows for PHP Local File...
PT-2026-28019
Name of the Vulnerable Software and Affected Versions CreativeWS Kiddy versions through 2.0.8 Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Local File...
PT-2026-28018
Name of the Vulnerable Software and Affected Versions CreativeWS VintWood versions n/a through 1.1.8 Description The software contains a flaw due to improper control of filename handling for Include/Require statements in the PHP program, leading to a PHP Local File Inclusion issue. The affected...
Support Board SQL注入漏洞
Support Board is a sales chat software developed by the British company Support Board. Version 3.7.7 of Support Board contains an SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter calls0messageids in the file /supportboard/include/ajax.php, which may...