8850 matches found
CVE-2025-58889
Summary: CVE-2025-58889 affects the WordPress Towny theme (versions prior to 1.17). The root cause is improper control of filenames in include/require statements, enabling a PHP Local File Inclusion (LFI) vulnerability. Affected component: Towny plugin/theme code for WordPress. Impact: potential ...
CVE-2025-58890
CVE-2025-58890 concerns WordPress/AncoraThemes Playful theme versions up to and including 1.19.0, where an improper control of filename for include/require statements enables PHP Local File Inclusion. The advisory documents indicate a PHP Local File Inclusion vulnerability in Playful, affecting v...
CVE-2025-58803 WordPress Algenix theme <= 1.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Algenix algenix allows PHP Local File Inclusion.This issue affects Algenix: from n/a through = 1.0...
CVE-2025-58708 WordPress 777 theme <= 1.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes 777 triple-seven allows PHP Local File Inclusion.This issue affects 777: from n/a through = 1.3...
CVE-2025-53447 WordPress Assembly theme <= 1.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Assembly assembly allows PHP Local File Inclusion.This issue affects Assembly: from n/a through = 1.1...
CVE-2025-53443
The CVE-2025-53443 affects the WordPress Smash theme up to version 1.7, where an Improper Control of Filename for Include/Require Statement (PHP Remote File Inclusion) enables Local File Inclusion. Vulnerable component: axiomthemes Smash theme, WordPress plugin/theme context. Root cause: filename...
CVE-2025-53448 WordPress Rally theme <= 1.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Rally rally allows PHP Local File Inclusion.This issue affects Rally: from n/a through = 1.1...
CVE-2025-53443 WordPress Smash theme <= 1.7 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Smash smash allows PHP Local File Inclusion.This issue affects Smash: from n/a through = 1.7...
CVE-2025-53449 WordPress Convex theme <= 1.11 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Convex convex allows PHP Local File Inclusion.This issue affects Convex: from n/a through = 1.11...
CVE-2025-53447 WordPress Assembly theme <= 1.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Assembly assembly allows PHP Local File Inclusion.This issue affects Assembly: from n/a through = 1.1...
CVE-2025-53443 WordPress Smash theme <= 1.7 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Smash smash allows PHP Local File Inclusion.This issue affects Smash: from n/a through = 1.7...
CVE-2025-53441
CVE-2025-53441 corresponds to a PHP Local File Inclusion in the WordPress Greeny theme (versions through 2.6). The issue arises from improper control of filenames for include/require statements, enabling Local File Inclusion via a PHP Remote File Inclusion pattern. Affected product: axiomthemes G...
CVE-2025-53438
CVE-2025-53438 describes a Local File Inclusion in WordPress FitLine theme versions through 1.6 due to improper control of filenames in include/require statements. The issue affects the FitLine component of the WordPress theme and can lead to PHP local file inclusion. Connected advisories from Re...
CVE-2025-53437
This CVE concerns the WordPress Greenorganic theme
CVE-2025-53435 WordPress Plan My Day theme <= 1.1.13 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Plan My Day planmyday allows PHP Local File Inclusion.This issue affects Plan My Day: from n/a through = 1.1.13...
CVE-2025-53436 WordPress Monki theme <= 2.0.5 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BZOTheme Monki monki allows PHP Local File Inclusion.This issue affects Monki: from n/a through = 2.0.5...
CVE-2025-53430
CVE-2025-53430 affects the WordPress/AncoraThemes Etta plugin/theme (Etta ≤ 1.14.0) with a Local File Inclusion flaw caused by improper control of filenames for include/require statements. Affected product: AncoraThemes Etta (WordPress Theme) and the Etta plugin context mentions WordPress ecosyst...
CVE-2025-53430 WordPress Etta theme <= 1.14.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Etta etta allows PHP Local File Inclusion.This issue affects Etta: from n/a through = 1.14.0...
CVE-2025-53431 WordPress Emberlyn theme <= 1.3.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Emberlyn emberlyn allows PHP Local File Inclusion.This issue affects Emberlyn: from n/a through = 1.3.1...
CVE-2025-53432 WordPress Echo theme <= 1.15.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Echo echo allows PHP Local File Inclusion.This issue affects Echo: from n/a through = 1.15.0...