CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

20 matches found

CVE•added 2026/03/25 4:14 p.m.•5 views

CVE-2026-27079

CVE-2026-27079 corresponds to a Local File Inclusion vulnerability in WordPress Amfissa (Mikado-Themes) theme, described as Improper Control of Filename for Include/Require in PHP (PHP Remote File Inclusion). Affected software: Mikado-Themes Amfissa amfissa, versions n/a through 1.1. Root cause: ...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•20 views

CVE-2026-22504 WordPress ProLingua theme <= 1.1.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX ProLingua prolingua allows PHP Local File Inclusion.This issue affects ProLingua: from n/a through = 1.1.12...

8.1CVSS0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•0 views

CVE-2026-22504 WordPress ProLingua theme <= 1.1.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX ProLingua prolingua allows PHP Local File Inclusion.This issue affects ProLingua: from n/a through = 1.1.12...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/13 11:42 a.m.•26 views

CVE-2026-32369 WordPress Medilink-Core plugin < 2.0.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Medilink-Core medilink-core allows PHP Local File Inclusion.This issue affects Medilink-Core: from n/a through 2.0.7...

7.5CVSS0.0017EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:54 a.m.•26 views

CVE-2026-28030 WordPress Bonbon theme <= 1.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Bonbon bonbon allows PHP Local File Inclusion.This issue affects Bonbon: from n/a through = 1.6...

8.1CVSS0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:54 a.m.•2 views

CVE-2026-28019 WordPress Manoir theme <= 1.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Manoir manoir allows PHP Local File Inclusion.This issue affects Manoir: from n/a through = 1.11...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•25 views

CVE-2026-22428 WordPress Tooth Fairy theme <= 1.16 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Tooth Fairy tooth-fairy allows PHP Local File Inclusion.This issue affects Tooth Fairy: from n/a through = 1.16...

8.1CVSS0.00172EPSS

Exploits0References1

CVE•added 2026/01/08 9:17 a.m.•5 views

CVE-2025-67920

CVE-2025-67920 concerns an unauthenticated Local File Inclusion in the WordPress theme Neo Ocular (Elated-Themes) via improper filename handling in PHP includes. Affected: Neo Ocular

8.1CVSS6.7AI score0.00119EPSS

Exploits0References1

CVE•added 2026/01/08 9:17 a.m.•7 views

CVE-2025-22708

CVE-2025-22708 is an Unauthenticated Local File Inclusion in the Mitech WordPress Theme (versions up to and including 2.3.4). The issue arises from improper control of the filename used by PHP include/require statements, enabling a remote attacker to influence included files. The public details s...

8.1CVSS6.7AI score0.00035EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/01/08 9:17 a.m.•28 views

CVE-2025-14429 WordPress AeroLand theme <= 1.6.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove AeroLand aeroland allows PHP Local File Inclusion.This issue affects AeroLand: from n/a through = 1.6.6...

8.1CVSS0.00119EPSS

Exploits0References1

Cvelist•added 2026/01/06 4:26 p.m.•19 views

CVE-2025-69086 WordPress Issabella theme <= 1.1.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jwsthemes Issabella issabella allows PHP Local File Inclusion.This issue affects Issabella: from n/a through = 1.1.2...

8.1CVSS0.00104EPSS

Exploits0References1

Cvelist•added 2025/12/18 7:22 a.m.•22 views

CVE-2025-60050 WordPress Panda theme <= 1.21 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Panda panda allows PHP Local File Inclusion.This issue affects Panda: from n/a through = 1.21...

8.1CVSS0.0011EPSS

Exploits0References1

Cvelist•added 2025/12/18 7:22 a.m.•21 views

CVE-2025-60047 WordPress IPharm theme <= 1.2.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes IPharm ipharm allows PHP Local File Inclusion.This issue affects IPharm: from n/a through = 1.2.3...

8.1CVSS0.0011EPSS

Exploits0References1

CVE•added 2025/12/18 7:21 a.m.•9 views

CVE-2025-53445

The CVE-2025-53445 entry concerns the WordPress Catwalk (axiomthemes Catwalk) plugin/theme with versions up to and including 1.4, describing an improper control of filenames for include/require statements that enables PHP Local File Inclusion. Affected component: Catwalk’s include/require handlin...

8.1CVSS6.7AI score0.0011EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/12/16 8:13 a.m.•23 views

CVE-2025-68068 WordPress Stockholm theme <= 9.14.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Stockholm stockholm allows PHP Local File Inclusion.This issue affects Stockholm: from n/a through = 9.14.1...

7.5CVSS0.00109EPSS

Exploits0References1

Cvelist•added 2025/12/09 2:13 p.m.•17 views

CVE-2025-67515 WordPress Wilmër theme < 3.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Wilmër wilmer allows PHP Local File Inclusion.This issue affects Wilmër: from n/a through 3.5...

8.8CVSS0.00145EPSS

Exploits0References1

Vulnrichment•added 2025/11/06 3:55 p.m.•2 views

CVE-2025-60203 WordPress Store Exporter plugin <= 2.7.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Josh Kohlbach Store Exporter woocommerce-exporter allows PHP Local File Inclusion.This issue affects Store Exporter: from n/a through = 2.7.6...

7.5CVSS6.7AI score0.00113EPSS

Exploits0References1

CVE•added 2025/11/06 3:53 p.m.•23 views

CVE-2025-39463

CVE-2025-39463 is a WordPress Dessau theme local-file-inclusion vulnerability. Connected sources confirm an improper control of filenames for include/require leading to PHP Local File Inclusion in Dessau, affecting versions earlier than 1.9. The issue is documented as an LFI vulnerability in the ...

7.5CVSS8.4AI score0.00392EPSS

Exploits0References1

CVE•added 2025/10/31 11:42 a.m.•6 views

CVE-2025-64360

The CVE-2025-64360 entry describes a Local File Inclusion in the WordPress Consulting Elementor Widgets plugin (versions up to 1.4.2) caused by improper control of filenames for include/require statements in PHP. Affects Consulting Elementor Widgets:

7.5CVSS6.7AI score0.00117EPSS

Exploits0References1

CVE•added 2025/08/28 12:37 p.m.•10 views

CVE-2025-53578

CVE-2025-53578 affects Gavias Kipso WordPress Theme (

8.1CVSS5.9AI score0.00158EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by