PT-2025-49905

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Opal WP Fashion fashion2 allows PHP Local File Inclusion.This issue affects Fashion: from n/a through 5.3.0...

CVE-2025-60241

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Premmerce Premmerce premmerce allows PHP Local File Inclusion.This issue affects Premmerce: from n/a through = 1.3.19...

CVE-2025-62067

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Savory savory.This issue affects Savory: from n/a through = 2.5...

CVE-2025-39466

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Dør dor allows PHP Local File Inclusion.This issue affects Dør: from n/a through = 2.4...

CVE-2025-60202

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Kyle Phillips Favorites favorites allows PHP Local File Inclusion.This issue affects Favorites: from n/a through = 2.3.6...

CVE-2025-58995

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativesPlanet Leblix leblix allows PHP Local File Inclusion.This issue affects Leblix: from n/a through = 2.4...

CVE-2025-62053

CVE-2025-62053 describes a Local File Inclusion (LFI) vulnerability in the WordPress Houzez theme prior to version 4.2.0 . The issue arises from an improper control of the filename used in include/require statements within the PHP code, enabling an attacker to potentially include local files on t...

CVE-2025-62054

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through = 4.1.8...

CVE-2025-62029

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themesion Grevo grevo.This issue affects Grevo: from n/a through = 2.4...

CVE-2025-59550

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in designervily Xcare xcare allows PHP Local File Inclusion.This issue affects Xcare: from n/a through 6.5...

CVE-2025-58967

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Businext businext allows PHP Local File Inclusion.This issue affects Businext: from n/a through 2.4.4...

EUVD-2025-25985

Malicious code in bioql PyPI...

CVE-2025-47571

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in highwarden Super Store Finder superstorefinder-wp allows PHP Local File Inclusion.This issue affects Super Store Finder: from n/a through 7.8...

CVE-2025-58214

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in gavias Indutri indutri allows PHP Local File Inclusion.This issue affects Indutri: from n/a through 1.3.0...

CVE-2025-58608 WordPress MediaPress Plugin <= 1.5.9.1 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BuddyDev MediaPress mediapress allows PHP Local File Inclusion.This issue affects MediaPress: from n/a through = 1.5.9.1...

CVE-2025-53326

CVE-2025-53326 describes an Unauthenticated Local File Inclusion in the WordPress Gutenify plugin (CodeYatri Gutenify) due to Improper Control of Filename for Include/Require Statements. Affected versions are Gutenify up to 1.5.6 (and earlier references show up to 1.5.4 in some advisories). The C...

CVE-2025-39490

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Backpack Traveler allows PHP Local File Inclusion. This issue affects Backpack Traveler: from n/a through 2.7...

CVE-2025-39507 WordPress Nasa Core Plugin <= 6.4.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NasaTheme Nasa Core nasa-core allows PHP Local File Inclusion.This issue affects Nasa Core: from n/a through 6.4.4...

CVE-2025-39429

CVE-2025-39429 is a Local File Inclusion vulnerability in the WordPress plugin Széchenyi 2020 Logo (versions n/a–1.1). The weakness stems from improper filename handling in PHP Include/Require, enabling an attacker to influence file inclusion through crafted input. The provided Connected/External...

CVE-2025-32159 WordPress Radius Blocks plugin <= 2.2.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Radius Blocks radius-blocks allows PHP Local File Inclusion.This issue affects Radius Blocks: from n/a through = 2.2.1...