Lucene search
K

24 matches found

Cvelist
Cvelist
added 2026/03/05 5:54 a.m.36 views

CVE-2026-28120 WordPress Dr.Patterson theme <= 1.3.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Dr.Patterson dr-patterson allows PHP Local File Inclusion.This issue affects Dr.Patterson: from n/a through = 1.3.2...

8.1CVSS0.00327EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/05 5:54 a.m.3 views

CVE-2026-28066 WordPress Legrand theme <= 2.17 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Legrand legrand allows PHP Local File Inclusion.This issue affects Legrand: from n/a through = 2.17...

8.1CVSS5.9AI score0.00403EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.7 views

WordPress plugin Beacon 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

8.1CVSS5.8AI score0.00433EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:52 p.m.6 views

CVE-2025-69043

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Rashy rashy allows PHP Local File Inclusion.This issue affects Rashy: from n/a through = 1.1.3...

8.2CVSS5.3AI score0.00403EPSS
Exploits0References2
CVE
CVE
added 2025/12/18 7:21 a.m.14 views

CVE-2025-53448

CVE-2025-53448 concerns the WordPress Rally theme (axiomthemes Rally) up to version 1.1, which suffers from improper control of filenames in include/require statements, enabling PHP Local File Inclusion. Affected component: WordPress Rally theme; root cause: Local File Inclusion via unsafely cons...

8.1CVSS6.7AI score0.00415EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.2 views

WordPress plugin Strux 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

8.1CVSS6.6AI score0.00445EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.5 views

PT-2025-52104

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Wanderic wanderic allows PHP Local File Inclusion.This issue affects Wanderic: from n/a through = 1.0.10...

7.1AI score0.00415EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.4 views

Pretty Mail by FriendsOfFlarum 安全漏洞

Pretty Mail by FriendsOfFlarum is an open source tool from Friends of Flarum that allows you to make custom html templates for emails. A security vulnerability exists in Pretty Mail by FriendsOfFlarum version 1.1.2, which stems from the presence of a local file inclusion in an email template that...

6.9CVSS6.2AI score0.00305EPSS
Exploits0References4
CVE
CVE
added 2025/11/06 3:53 p.m.19 views

CVE-2025-39468

CVE-2025-39468 refers to a Local File Inclusion vulnerability in the WordPress Modal Survey plugin (modal-survey) affecting versions up to 2.0.2.0.1. The issue arises from improper control of filenames used in include/require, enabling an attacker to read local files via crafted input. The connec...

8.1CVSS8.5AI score0.00622EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.1 views

WordPress plugin Premmerce Product Search for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

7.5CVSS6.7AI score0.0042EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/31 12:0 a.m.11 views

WordPress Plugin Consulting 安全漏洞

WordPress Consulting plugin is a plugin that provides WordPress website optimization, security auditing, performance enhancement, etc. It is mainly used to help businesses or individual users to solve the technical problems of WordPress websites. WordPress Consulting plugin has a file inclusion...

7.5CVSS6.4AI score0.00381EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/31 12:0 a.m.9 views

WordPress plugin Kleo 安全漏洞

WordPress Kleo plugin is a feature-rich portfolio of themes and plugins in the WordPress ecosystem, primarily used to build social networks, member communities and e-commerce platforms. WordPress Kleo plugin suffers from a file inclusion vulnerability that stems from improper file name control,...

7.5CVSS6.8AI score0.00381EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/24 12:0 a.m.6 views

PT-2025-43603

Name of the Vulnerable Software and Affected Versions Edge CPT versions through 1.4 Description An improper control of filename for include/require statement exists in Edge CPT, leading to a PHP Local File Inclusion issue. This allows for the inclusion of local files within the application...

8.1CVSS6.4AI score0.00428EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/10/22 12:0 a.m.12 views

PT-2025-43163

Name of the Vulnerable Software and Affected Versions WP Abstracts versions through 2.7.4 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local files...

7.5CVSS6.5AI score0.0042EPSS
Exploits0References4
NVD
NVD
added 2025/08/20 8:15 a.m.6 views

CVE-2025-48149

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in dedalx Cook&Meal cookandmeal allows PHP Local File Inclusion.This issue affects Cook&Meal: from n/a through = 1.2.3...

8.1CVSS0.00484EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/16 11:25 a.m.5 views

CVE-2025-32288

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows PHP Local File Inclusion.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.4...

7.5CVSS5.9AI score0.00417EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.3 views

WordPress plugin Unicamp 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

9.8CVSS6.8AI score0.00364EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/27 12:0 a.m.3 views

WordPress plugin National Weather Service Alerts 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.1CVSS6.4AI score0.00397EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/05/11 8:19 p.m.3 views

undertow: AJP File Read/Inclusion Vulnerability

A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances...

9.8CVSS7.2AI score0.04837EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2020/03/18 1:51 p.m.52 views

Adobe Discloses Dozens of Critical Photoshop, Acrobat Reader Flaws

Adobe has released out-of-band updates addressing critical vulnerabilities in its Photoshop and Acrobat Reader products, which if exploited could allow arbitrary code-execution. Overall, Adobe on Wednesday patched flaws tied to 41 CVEs across its products, 29 of which were critical in severity. T...

1.4AI score0.07581EPSS
Exploits0References11
Rows per page
Query Builder