8843 matches found
CVE-2026-22516
CVE-2026-22516 is a Local File Inclusion vulnerability affecting WordPress plugin/theme Wizor's Wizor's Investments, specifically versions up to and including 2.12. The issue is described as an improper control of filename for Include/Require statements in PHP, enabling PHP Local File Inclusion (...
CVE-2026-22515
CVE-2026-22515 targets the VegaDays Vegadays WordPress theme (
CVE-2026-22513 WordPress Triompher theme <= 1.1.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Triompher triompher allows PHP Local File Inclusion.This issue affects Triompher: from n/a through = 1.1.0...
CVE-2026-22514 WordPress Unica theme <= 1.4.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Unica unica allows PHP Local File Inclusion.This issue affects Unica: from n/a through = 1.4.1...
CVE-2026-22514
CVE-2026-22514 concerns a Local File Inclusion in WordPress Theme Unica (and related RH/EUVD/NVD entries) due to improper control of filenames for PHP include/require. Affected software: AncoraThemes Unica? documentation refers to Unica WordPress theme (
CVE-2026-22512 WordPress Roisin theme <= 1.2.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Roisin roisin allows PHP Local File Inclusion.This issue affects Roisin: from n/a through = 1.2.1...
CVE-2026-22511 WordPress NeoBeat theme <= 1.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes NeoBeat neobeat allows PHP Local File Inclusion.This issue affects NeoBeat: from n/a through = 1.2...
CVE-2026-22511 WordPress NeoBeat theme <= 1.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes NeoBeat neobeat allows PHP Local File Inclusion.This issue affects NeoBeat: from n/a through = 1.2...
CVE-2026-22508
CVE-2026-22508 refers to a Local File Inclusion vulnerability in the WordPress theme “Dentalux” by AncoraThemes, due to improper control of filenames for include/require in PHP. Affected software: Dentalux versions n/a through 3.3 (inclusive). Sources indicate the issue is publicly disclosed, wit...
CVE-2026-22509 WordPress Gioia theme <= 1.4 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Gioia gioia allows PHP Local File Inclusion.This issue affects Gioia: from n/a through = 1.4...
CVE-2026-22509 WordPress Gioia theme <= 1.4 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Gioia gioia allows PHP Local File Inclusion.This issue affects Gioia: from n/a through = 1.4...
CVE-2026-22506
CVE-2026-22506 refers to a Local File Inclusion in the WordPress Amoli theme (Elated-Themes Amoli) via improper control of filename for include/Require in PHP. Affected: Amoli versions through 1.0 (
CVE-2026-22503 WordPress Nelson theme <= 1.2.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Nelson nelson allows PHP Local File Inclusion.This issue affects Nelson: from n/a through = 1.2.0...
CVE-2026-22499 WordPress Lella theme <= 1.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Lella lella allows PHP Local File Inclusion.This issue affects Lella: from n/a through = 1.2...
CVE-2026-22503
CVE-2026-22503 relates to the WordPress Theme Nelson by ThemeREX, where an improper filename validation in PHP include/require statements leads to a PHP Local File Inclusion (LFI) vulnerability. Affected product: Nelson versions from unspecified until <= 1.2.0. The NVD/Red Hat/patch sources de...
CVE-2026-22499
CVE-2026-22499 concerns the WordPress Lella theme. Affected software: Lella versions n/a through 1.2. Root cause: Improper control of filenames used by Include/Require in PHP, enabling Local File Inclusion. Impact per sources: potential PHP Local File Inclusion with high severity (CVSS 3.1 base 8...
CVE-2026-22499 WordPress Lella theme <= 1.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Lella lella allows PHP Local File Inclusion.This issue affects Lella: from n/a through = 1.2...
CVE-2026-22502 WordPress Mr. Cobbler theme <= 1.1.9 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Mr. Cobbler mr-cobbler allows PHP Local File Inclusion.This issue affects Mr. Cobbler: from n/a through = 1.1.9...
CVE-2026-22493
CVE-2026-22493 describes a Local File Inclusion in WordPress Gaspard theme (<= 1.3) due to improper filename handling for PHP Include/Require. Impact may allow an attacker to disclose or manipulate local files via a PHP inclusion vector. The Red Hat and NVD records confirm the same vulnerabili...
CVE-2026-22496
CVE-2026-22496 is a local file inclusion (PHP) vulnerability in the WordPress Hypnotherapy theme (Hypnotherapy) up to version 1.2.10. The issue arises from improper control of filenames in include/require statements (PHP RFI). Affected installations could be exploited remotely via the plugin/them...