CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

336 matches found

CVE-2025-69369 WordPress Racquet theme <= 1.12.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Racquet allows PHP Local File Inclusion. This issue affects Racquet: from n/a through 1.12.0...

8.1CVSS5.8AI score0.00115EPSS

Exploits0References1

Cvelist•added 2 days ago•31 views

CVE-2025-58707 WordPress Spin theme <= 1.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Spin allows PHP Local File Inclusion. This issue affects Spin: from n/a through 1.8...

8.1CVSS0.00115EPSS

Exploits0References1

Vulnrichment•added 2 days ago•3 views

CVE-2026-39552 WordPress Blueprint theme < 1.1.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Code Supply Co. Blueprint allows PHP Local File Inclusion. This issue affects Blueprint: from n/a before 1.1.5...

8.1CVSS5.8AI score0.00115EPSS

Exploits0References1

RedhatCVE•added 2026/04/14 7:23 p.m.•3 views

CVE-2026-39544

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themeStek LabtechCO labtechco allows PHP Local File Inclusion.This issue affects LabtechCO: from n/a through = 8.3...

7.5CVSS5.8AI score0.00147EPSS

Exploits0References1

RedhatCVE•added 2026/04/13 7:22 p.m.•2 views

CVE-2025-58913

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CactusThemes VideoPro videopro allows PHP Local File Inclusion.This issue affects VideoPro: from n/a through = 2.3.8.1...

8.1CVSS5.8AI score0.00054EPSS

Exploits0References1

NVD•added 2026/04/10 2:16 p.m.•2 views

CVE-2025-58913

8.1CVSS0.00054EPSS

Exploits0References1

GithubExploit•added 2026/04/10 1:46 p.m.•146 views

Exploit for Code Injection in Backupbliss Backup_Migration

🔥 CVE-2023-6553 — WordPress Backup Migration RCE Unauthen...

9.8CVSS7.8AI score0.93531EPSS

Exploits14

Positive Technologies•added 2026/04/10 12:0 a.m.•1 views

PT-2026-31913

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Case Themes Case Theme User allows PHP Local File Inclusion.This issue affects Case Theme User: from n/a before 1.0.4...

7.5CVSS5.8AI score0.00026EPSS

Exploits0References2

CVE•added 2026/04/08 8:30 a.m.•3 views

CVE-2026-39679

CVE-2026-39679 is a local file inclusion (LFI) in the WordPress Freeio/ApusTheme Freeio plugin/theme. Affected: Freeio versions up to and including 1.3.21 (and related Freeio/Freeio themes referenced in Red Hat/EUVD records and CVE listings). Root cause: improper control of filenames for include/...

7.5CVSS5.9AI score0.00147EPSS

Exploits0References1

Cvelist•added 2026/04/08 8:30 a.m.•19 views

CVE-2026-39679 WordPress Freeio theme <= 1.3.21 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ApusTheme Freeio freeio allows PHP Local File Inclusion.This issue affects Freeio: from n/a through = 1.3.21...

7.5CVSS0.00147EPSS

Exploits0References1

Cvelist•added 2026/04/08 8:30 a.m.•16 views

CVE-2026-39613 WordPress Boutique theme <= 2.3.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through = 2.3.3...

7.5CVSS0.00147EPSS

Exploits0References1

ATTACKERKB•added 2026/04/08 8:30 a.m.•2 views

CVE-2026-39538

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Mikado Core mikado-core allows PHP Local File Inclusion.This issue affects Mikado Core: from n/a through = 1.6...

5.9AI score0.00147EPSS

Exploits0References2

Github Security Blog•added 2026/03/31 10:22 p.m.•2 views

baserCMS has Unsafe File Upload Leading to Remote Code Execution (RCE)

Details The application's restore function allows users to upload a .zip file, which is then automatically extracted. A PHP file inside the archive is included using requireonce without validating or restricting the filename. An attacker can craft a malicious PHP file within the zip and achieve...

8.7CVSS6.5AI score0.00031EPSS

Exploits1References5Affected Software1

RedhatCVE•added 2026/03/26 5:1 p.m.•2 views

CVE-2026-22513

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Triompher triompher allows PHP Local File Inclusion.This issue affects Triompher: from n/a through = 1.1.0...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

CVE•added 2026/03/25 4:15 p.m.•6 views

CVE-2026-32531

CVE-2026-32531: Kunco WordPress Theme (

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

ATTACKERKB•added 2026/03/25 4:15 p.m.•0 views

CVE-2026-32503

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativeWS Trendustry trendustry allows PHP Local File Inclusion.This issue affects Trendustry: from n/a through = 1.1.4...

5.8AI score0.00056EPSS

Exploits0References2

CVE•added 2026/03/25 4:14 p.m.•4 views

CVE-2026-27075

CVE-2026-27075 concerns an Improper Control of Filename for Include/Require Statement (PHP Local File Inclusion) in Mikado-Themes Belfort (WordPress theme Belfort). The vulnerability allows Local File Inclusion due to inadequate validation of filenames used in PHP include/require, affecting Belfo...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•25 views

CVE-2026-27076 WordPress LuxeDrive theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes LuxeDrive luxedrive allows PHP Local File Inclusion.This issue affects LuxeDrive: from n/a through = 1.0...

8.1CVSS0.00056EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•0 views

CVE-2026-27075 WordPress Belfort theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Belfort belfort allows PHP Local File Inclusion.This issue affects Belfort: from n/a through = 1.0...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•1 views

CVE-2026-25382 WordPress IdealAuto theme < 3.8.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jwsthemes IdealAuto idealauto allows PHP Local File Inclusion.This issue affects IdealAuto: from n/a through 3.8.6...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by