CVE-2025-68841

CVE-2025-68841 refers to the TopperPack – Complete Elementor Addons, Theme & CPT Builder plugin (

CVE-2025-68543

CVE-2025-68543: Local File Inclusion in WordPress theme Diza (thembay) up to version 1.3.15 due to improper control of include/require filenames. Affected: Diza

CVE-2025-67992 WordPress PatioTime theme < 2.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LoftOcean PatioTime patiotime allows PHP Local File Inclusion.This issue affects PatioTime: from n/a through 2.1...

CVE-2025-67981 WordPress Besa theme <= 2.3.15 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Besa besa allows PHP Local File Inclusion.This issue affects Besa: from n/a through = 2.3.15...

CVE-2025-67988 WordPress CozyStay theme < 1.9.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LoftOcean CozyStay cozystay allows PHP Local File Inclusion.This issue affects CozyStay: from n/a through 1.9.1...

CVE-2025-67982 WordPress Urna theme <= 2.5.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Urna urna allows PHP Local File Inclusion.This issue affects Urna: from n/a through = 2.5.12...

CVE-2026-27174

MajorDoMo aka Major Domestic Module allows unauthenticated remote code execution via the admin panel's PHP console feature. An include order bug in modules/panel.class.php causes execution to continue past a redirect call that lacks an exit statement, allowing unauthenticated requests to reach th...

PT-2026-21168

Name of the Vulnerable Software and Affected Versions whatwouldjessedo Simple Retail Menus versions through 4.2.1 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP...

PT-2026-21093

Name of the Vulnerable Software and Affected Versions thembay Fana versions through 1.1.35 Description An issue exists in thembay Fana related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion. This allows for potential unauthorized access or...

PT-2026-21097

Name of the Vulnerable Software and Affected Versions thembay Nika versions through 1.2.14 Description An issue exists in thembay Nika that allows for PHP Local File Inclusion due to improper control of filename for include/require statements. This is a PHP Remote File Inclusion issue...

PT-2026-21220

Name of the Vulnerable Software and Affected Versions AncoraThemes Saveo versions through 1.1.2 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local...

PT-2026-21092

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Zota zota allows PHP Local File Inclusion.This issue affects Zota: from n/a through = 1.3.14...

PT-2026-21103

Name of the Vulnerable Software and Affected Versions Themepul TopperPack – Complete Elementor Addons, Theme & CPT Builder versions through 1.2.1 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusio...

PT-2026-21179

Name of the Vulnerable Software and Affected Versions ThemeREX Plank versions through 1.7 Description The software contains an Improper Control of Filename for Include/Require Statement issue, also known as a PHP Remote File Inclusion. This allows for PHP Local File Inclusion. Recommendations...

PT-2026-21223

Name of the Vulnerable Software and Affected Versions AncoraThemes UnlimHost versions through 1.2.3 Description The software contains a flaw related to improper control of filenames used in include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of...

PT-2026-21053

Name of the Vulnerable Software and Affected Versions thembay Hara versions through 1.2.17 Description An improper control of filename for include/require statement exists in the thembay Hara software, leading to a PHP Local File Inclusion issue. This allows for the inclusion of local files withi...

PT-2026-21188

Name of the Vulnerable Software and Affected Versions Select-Themes Struktur versions through 2.5.1 Description The software contains a flaw related to improper control of filenames used in include/require statements, potentially leading to PHP Local File Inclusion. This allows an attacker to...

PT-2026-21210

Name of the Vulnerable Software and Affected Versions AncoraThemes Coworking versions through 1.6.1 Description The software contains a flaw related to improper control of filename handling for include/require statements, potentially leading to PHP Local File Inclusion. The issue allows for the...

PT-2026-21216

Name of the Vulnerable Software and Affected Versions AncoraThemes Fooddy versions through 1.3.10 Description The software contains an Improper Control of Filename for Include/Require Statement issue, specifically a PHP Local File Inclusion. This allows for the inclusion of local files...

PT-2026-21217

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Zio Alberto zioalberto allows PHP Local File Inclusion.This issue affects Zio Alberto: from n/a through = 1.2.2...