CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

336 matches found

RedhatCVE•added 2025/09/07 4:33 p.m.•3 views

CVE-2025-58214

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in gavias Indutri indutri allows PHP Local File Inclusion.This issue affects Indutri: from n/a through 1.3.0...

8.1CVSS5.9AI score0.00158EPSS

Exploits0References1

Vulnrichment•added 2025/09/03 2:36 p.m.•2 views

CVE-2025-58608 WordPress MediaPress Plugin <= 1.5.9.1 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BuddyDev MediaPress mediapress allows PHP Local File Inclusion.This issue affects MediaPress: from n/a through = 1.5.9.1...

7.5CVSS5.9AI score0.00157EPSS

Exploits0References1

CVE•added 2025/08/28 12:37 p.m.•9 views

CVE-2025-54716

CVE-2025-54716 is a local file inclusion vulnerability in WordPress themes: Ireca (WordPress Theme, versioned up to 1.8.5). The underlying issue is Improper Control of Filename for Include/Require Statement (PHP Remote File Inclusion), enabling LFI. Affected product: Ireca

8.1CVSS5.9AI score0.00158EPSS

Exploits0References1

Cvelist•added 2025/08/28 12:37 p.m.•7 views

CVE-2025-53576 WordPress Ovatheme Events Plugin <= 1.2.8 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme Ovatheme Events ova-events allows PHP Local File Inclusion.This issue affects Ovatheme Events: from n/a through = 1.2.8...

8.1CVSS0.00158EPSS

Exploits0References1

CVE•added 2025/08/28 12:37 p.m.•10 views

CVE-2025-53326

CVE-2025-53326 describes an Unauthenticated Local File Inclusion in the WordPress Gutenify plugin (CodeYatri Gutenify) due to Improper Control of Filename for Include/Require Statements. Affected versions are Gutenify up to 1.5.6 (and earlier references show up to 1.5.4 in some advisories). The C...

7.5CVSS5.9AI score0.00157EPSS

Exploits0References1

Cvelist•added 2025/08/20 8:3 a.m.•7 views

CVE-2025-53204 WordPress eventlist plugin <= 1.9.2 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme eventlist eventlist allows PHP Local File Inclusion.This issue affects eventlist: from n/a through = 1.9.2...

8.1CVSS0.00158EPSS

Exploits0References1

NVD•added 2025/08/14 11:15 a.m.•1 views

CVE-2025-52732

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RealMag777 GMap Targeting gmap-targeting allows PHP Local File Inclusion.This issue affects GMap Targeting: from n/a through = 1.1.6...

8.8CVSS0.00208EPSS

Exploits0References1

Vulnrichment•added 2025/06/17 3:1 p.m.•2 views

CVE-2025-49259 WordPress Hara <= 1.2.10 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Hara allows PHP Local File Inclusion. This issue affects Hara: from n/a through 1.2.10...

8.1CVSS7.4AI score0.00547EPSS

Exploits0References1

Positive Technologies•added 2025/06/09 12:0 a.m.•1 views

PT-2025-24465 · Bzotheme · Bzotheme Craftxtore

Name of the Vulnerable Software and Affected Versions: BZOTheme CraftXtore versions n/a through 1.7 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion...

8.1CVSS8AI score0.00547EPSS

Exploits0References3

OSV•added 2025/05/23 1:15 p.m.•0 views

CVE-2025-47453

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes WP Smart Import allows PHP Local File Inclusion. This issue affects WP Smart Import: from n/a through 1.1.3...

9.8CVSS5.8AI score0.00547EPSS

Exploits0References1

ATTACKERKB•added 2025/05/23 1:15 p.m.•2 views

CVE-2025-46454

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in svil4ok Meta Keywords & Description wp-meta-keywords-meta-description allows PHP Local File Inclusion.This issue affects Meta Keywords & Description: from n/a through = 0.8...

7.5CVSS8.7AI score0.00499EPSS

Exploits0References3

OSV•added 2025/05/23 1:15 p.m.•1 views

CVE-2025-39494

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Wilmër allows PHP Local File Inclusion. This issue affects Wilmër: from n/a through n/a...

9.8CVSS5.8AI score0.00547EPSS

Exploits0References1

OSV•added 2025/05/23 1:15 p.m.•1 views

CVE-2025-39490

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Backpack Traveler allows PHP Local File Inclusion. This issue affects Backpack Traveler: from n/a through 2.7...

8.1CVSS5.8AI score0.00547EPSS

Exploits0References1

Cvelist•added 2025/05/19 4:23 p.m.•14 views

CVE-2025-47576 WordPress Bimber - Viral Magazine WordPress Theme theme <= 9.2.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Bringthepixel Bimber - Viral Magazine WordPress Theme.This issue affects Bimber - Viral Magazine WordPress Theme: from n/a through 9.2.5...

8.8CVSS0.00631EPSS

Exploits0References1

Cvelist•added 2025/05/16 3:45 p.m.•20 views

CVE-2025-39507 WordPress Nasa Core Plugin <= 6.4.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NasaTheme Nasa Core nasa-core allows PHP Local File Inclusion.This issue affects Nasa Core: from n/a through 6.4.4...

7.5CVSS0.00458EPSS

Exploits0References1

CVE•added 2025/04/17 3:17 p.m.•49 views

CVE-2025-39429

CVE-2025-39429 is a Local File Inclusion vulnerability in the WordPress plugin Széchenyi 2020 Logo (versions n/a–1.1). The weakness stems from improper filename handling in PHP Include/Require, enabling an attacker to influence file inclusion through crafted input. The provided Connected/External...

7.5CVSS7.2AI score0.00579EPSS

Exploits0References1

Cvelist•added 2025/04/04 3:58 p.m.•9 views

CVE-2025-32159 WordPress Radius Blocks plugin <= 2.2.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Radius Blocks radius-blocks allows PHP Local File Inclusion.This issue affects Radius Blocks: from n/a through = 2.2.1...

7.5CVSS0.01855EPSS

Exploits0References1

Cvelist•added 2025/03/31 6:7 a.m.•14 views

CVE-2025-31016 WordPress JetWooBuilder plugin <= 2.1.18 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows PHP Local File Inclusion.This issue affects JetWooBuilder: from n/a through = 2.1.18...

7.5CVSS0.01091EPSS

Exploits0References1

ATTACKERKB•added 2025/03/27 11:15 a.m.•0 views

CVE-2025-30890

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SuitePlugins Login Widget for Ultimate Member login-widget-for-ultimate-member allows PHP Local File Inclusion.This issue affects Login Widget for Ultimate Member: from n/a throu...

7.5CVSS7.2AI score0.01091EPSS

Exploits0References3

CVE•added 2025/03/26 2:24 p.m.•42 views

CVE-2025-23952

CVE-2025-23952 describes an Unvalidated Filename handling flaw in WordPress plugin Custom Field List Widget (ntm custom-field-list-widget) that allows Local File Inclusion via PHP include/require. Affected: custom-field-list-widget versions

8.1CVSS7.2AI score0.00661EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by