CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

20 matches found

CVE•added 2026/03/25 4:14 p.m.•6 views

CVE-2026-27079

CVE-2026-27079 corresponds to a Local File Inclusion vulnerability in WordPress Amfissa (Mikado-Themes) theme, described as Improper Control of Filename for Include/Require in PHP (PHP Remote File Inclusion). Affected software: Mikado-Themes Amfissa amfissa, versions n/a through 1.1. Root cause: ...

8.1CVSS5.8AI score0.00403EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•22 views

CVE-2026-22504 WordPress ProLingua theme <= 1.1.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX ProLingua prolingua allows PHP Local File Inclusion.This issue affects ProLingua: from n/a through = 1.1.12...

8.1CVSS0.00504EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•2 views

CVE-2026-22504 WordPress ProLingua theme <= 1.1.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX ProLingua prolingua allows PHP Local File Inclusion.This issue affects ProLingua: from n/a through = 1.1.12...

8.1CVSS5.8AI score0.00504EPSS

Exploits0References1

Cvelist•added 2026/03/13 11:42 a.m.•28 views

CVE-2026-32369 WordPress Medilink-Core plugin < 2.0.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Medilink-Core medilink-core allows PHP Local File Inclusion.This issue affects Medilink-Core: from n/a through 2.0.7...

7.5CVSS0.00381EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:54 a.m.•30 views

CVE-2026-28030 WordPress Bonbon theme <= 1.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Bonbon bonbon allows PHP Local File Inclusion.This issue affects Bonbon: from n/a through = 1.6...

8.1CVSS0.00433EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:54 a.m.•4 views

CVE-2026-28019 WordPress Manoir theme <= 1.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Manoir manoir allows PHP Local File Inclusion.This issue affects Manoir: from n/a through = 1.11...

8.1CVSS5.8AI score0.00403EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•28 views

CVE-2026-22428 WordPress Tooth Fairy theme <= 1.16 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Tooth Fairy tooth-fairy allows PHP Local File Inclusion.This issue affects Tooth Fairy: from n/a through = 1.16...

8.1CVSS0.00519EPSS

Exploits0References1

CVE•added 2026/01/08 9:17 a.m.•12 views

CVE-2025-67920

CVE-2025-67920 concerns an unauthenticated Local File Inclusion in the WordPress theme Neo Ocular (Elated-Themes) via improper filename handling in PHP includes. Affected: Neo Ocular

8.1CVSS6.7AI score0.00412EPSS

Exploits0References1

CVE•added 2026/01/08 9:17 a.m.•11 views

CVE-2025-22708

CVE-2025-22708 is an Unauthenticated Local File Inclusion in the Mitech WordPress Theme (versions up to and including 2.3.4). The issue arises from improper control of the filename used by PHP include/require statements, enabling a remote attacker to influence included files. The public details s...

8.1CVSS6.7AI score0.00512EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/01/08 9:17 a.m.•31 views

CVE-2025-14429 WordPress AeroLand theme <= 1.6.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove AeroLand aeroland allows PHP Local File Inclusion.This issue affects AeroLand: from n/a through = 1.6.6...

8.1CVSS0.00403EPSS

Exploits0References1

Cvelist•added 2026/01/06 4:26 p.m.•23 views

CVE-2025-69086 WordPress Issabella theme <= 1.1.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jwsthemes Issabella issabella allows PHP Local File Inclusion.This issue affects Issabella: from n/a through = 1.1.2...

8.1CVSS0.00334EPSS

Exploits0References1

Cvelist•added 2025/12/18 7:22 a.m.•25 views

CVE-2025-60050 WordPress Panda theme <= 1.21 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Panda panda allows PHP Local File Inclusion.This issue affects Panda: from n/a through = 1.21...

8.1CVSS0.00415EPSS

Exploits0References1

Cvelist•added 2025/12/18 7:22 a.m.•24 views

CVE-2025-60047 WordPress IPharm theme <= 1.2.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes IPharm ipharm allows PHP Local File Inclusion.This issue affects IPharm: from n/a through = 1.2.3...

8.1CVSS0.00415EPSS

Exploits0References1

CVE•added 2025/12/18 7:21 a.m.•11 views

CVE-2025-53445

The CVE-2025-53445 entry concerns the WordPress Catwalk (axiomthemes Catwalk) plugin/theme with versions up to and including 1.4, describing an improper control of filenames for include/require statements that enables PHP Local File Inclusion. Affected component: Catwalk’s include/require handlin...

8.1CVSS6.7AI score0.00415EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/12/16 8:13 a.m.•26 views

CVE-2025-68068 WordPress Stockholm theme <= 9.14.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Stockholm stockholm allows PHP Local File Inclusion.This issue affects Stockholm: from n/a through = 9.14.1...

7.5CVSS0.00316EPSS

Exploits0References1

Cvelist•added 2025/12/09 2:13 p.m.•21 views

CVE-2025-67515 WordPress Wilmër theme < 3.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Wilmër wilmer allows PHP Local File Inclusion.This issue affects Wilmër: from n/a through 3.5...

8.8CVSS0.00371EPSS

Exploits0References1

Vulnrichment•added 2025/11/06 3:55 p.m.•3 views

CVE-2025-60203 WordPress Store Exporter plugin <= 2.7.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Josh Kohlbach Store Exporter woocommerce-exporter allows PHP Local File Inclusion.This issue affects Store Exporter: from n/a through = 2.7.6...

7.5CVSS6.7AI score0.0037EPSS

Exploits0References1

CVE•added 2025/11/06 3:53 p.m.•26 views

CVE-2025-39463

CVE-2025-39463 is a WordPress Dessau theme local-file-inclusion vulnerability. Connected sources confirm an improper control of filenames for include/require leading to PHP Local File Inclusion in Dessau, affecting versions earlier than 1.9. The issue is documented as an LFI vulnerability in the ...

7.5CVSS8.4AI score0.00506EPSS

Exploits0References1

CVE•added 2025/10/31 11:42 a.m.•12 views

CVE-2025-64360

The CVE-2025-64360 entry describes a Local File Inclusion in the WordPress Consulting Elementor Widgets plugin (versions up to 1.4.2) caused by improper control of filenames for include/require statements in PHP. Affects Consulting Elementor Widgets:

7.5CVSS6.7AI score0.00353EPSS

Exploits0References1

CVE•added 2025/08/28 12:37 p.m.•13 views

CVE-2025-53578

CVE-2025-53578 affects Gavias Kipso WordPress Theme (

8.1CVSS5.9AI score0.00404EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by