8843 matches found
CVE-2026-22498
CVE-2026-22498 corresponds to a Local File Inclusion in WordPress Laurent theme versions = 3.2 or the vendor-released patch; as a workaround, avoid including untrusted local files via PHP include/require in the affected theme. The vulnerability affects the WordPress Laurent theme’s inclusion mech...
CVE-2026-22498 WordPress Laurent theme <= 3.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Laurent laurent allows PHP Local File Inclusion.This issue affects Laurent: from n/a through = 3.1...
CVE-2026-22495 WordPress Greenville theme <= 1.3.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Greenville greenville allows PHP Local File Inclusion.This issue affects Greenville: from n/a through = 1.3.2...
CVE-2026-22493 WordPress Gaspard theme <= 1.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Gaspard gaspard allows PHP Local File Inclusion.This issue affects Gaspard: from n/a through = 1.3...
CVE-2026-22494 WordPress Good Homes theme <= 1.3.13 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Good Homes good-homes allows PHP Local File Inclusion.This issue affects Good Homes: from n/a through = 1.3.13...
PT-2026-27979
Name of the Vulnerable Software and Affected Versions Mikado-Themes Deston versions n/a through 1.0 Description A flaw exists in the handling of filenames for include/require statements within a PHP program, specifically a PHP Remote File Inclusion issue in Mikado-Themes Deston. This allows for P...
PT-2026-27931
Name of the Vulnerable Software and Affected Versions LoveDate versions prior to 3.8.6 Description A flaw exists in the handling of filenames used in include/require statements within the PHP program LoveDate. This can lead to a PHP Local File Inclusion issue. The issue allows for the inclusion o...
PT-2026-28018
Name of the Vulnerable Software and Affected Versions CreativeWS VintWood versions n/a through 1.1.8 Description The software contains a flaw due to improper control of filename handling for Include/Require statements in the PHP program, leading to a PHP Local File Inclusion issue. The affected...
PT-2026-27954
Name of the Vulnerable Software and Affected Versions Select-Themes Moments versions n/a through 2.2 Description A flaw exists in the handling of file names within the include/require statements of a PHP program, specifically a PHP Local File Inclusion issue in Select-Themes Moments. This allows...
PT-2026-27932
Name of the Vulnerable Software and Affected Versions jwsthemes IdealAuto versions prior to 3.8.6 Description A flaw exists in the handling of filenames used in include/require statements within the PHP program, specifically in jwsthemes IdealAuto. This allows for PHP Local File Inclusion. The...
PT-2026-27825
Name of the Vulnerable Software and Affected Versions ProLingua versions n/a through 1.1.12 Description The software contains an improper control of filename handling for include/require statements, leading to a PHP Local File Inclusion issue. The vulnerable component allows an attacker to includ...
PT-2026-27776
A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via 'calls0message ids' parameter in '/supportboard/include/ajax.php' endpoint...
PT-2026-27816
Name of the Vulnerable Software and Affected Versions Elated-Themes Gaspard versions n/a through 1.3 Description A flaw exists in the handling of filenames for Include/Require statements within a PHP program, specifically a PHP Remote File Inclusion issue in Elated-Themes Gaspard. This allows for...
PT-2026-27836
Name of the Vulnerable Software and Affected Versions AncoraThemes VegaDays versions through 1.2.0 Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Local Fi...
PT-2026-27820
Name of the Vulnerable Software and Affected Versions Laurent versions prior to 3.1 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local files within t...
Support Board SQL注入漏洞
Support Board is a sales chat software developed by the British company Support Board. Version 3.7.7 of Support Board contains an SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter calls0messageids in the file /supportboard/include/ajax.php, which may...
PT-2026-27829
Name of the Vulnerable Software and Affected Versions AncoraThemes Dentalux versions n/a through 3.3 Description The software contains an improper control of filename handling for include/require statements, leading to a PHP Local File Inclusion issue. This allows an attacker to potentially inclu...
PT-2026-27824
Name of the Vulnerable Software and Affected Versions ThemeREX Nelson versions n/a through 1.2.0 Description A flaw exists in ThemeREX Nelson due to improper control of filename handling for include/require statements in the PHP program, leading to a PHP Local File Inclusion issue. The...
PT-2026-27974
Name of the Vulnerable Software and Affected Versions Mikado-Themes Belfort versions n/a through 1.0 Description A flaw exists in the handling of filenames used in include/require statements within a PHP program, specifically a PHP Local File Inclusion issue in Mikado-Themes Belfort. This allows...
PT-2026-27821
Name of the Vulnerable Software and Affected Versions Elated-Themes Lella versions n/a through 1.2 Description The software contains a flaw due to improper control of the filename for Include/Require statements in the PHP program, leading to a PHP Local File Inclusion issue. The vulnerable...