CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

29 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2007-3197

Malware in sbrugna...

5CVSS7.3AI score0.00998EPSS

Exploits0References8

CVE•added 2025/06/27 11:52 a.m.•14 views

CVE-2025-24760

CVE-2025-24760 affects the WordPress theme Sofass (Sofass: <= 1.3.4). Described as an unauthenticated Local File Inclusion via Improper Control of Filename for Include/Require, i.e., PHP Remote File Inclusion. CVSS v3.1 base score 8.1 (HIGH) with network attack vector, high impact on confident...

8.1CVSS5.9AI score0.00547EPSS

Exploits0References1

Cvelist•added 2025/06/17 3:1 p.m.•7 views

CVE-2025-24761 WordPress DSK theme < 2.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in snstheme DSK dsk allows PHP Local File Inclusion.This issue affects DSK: from n/a through 2.4...

8.1CVSS0.00547EPSS

Exploits0References1

Cvelist•added 2025/06/17 3:1 p.m.•8 views

CVE-2025-49254 WordPress Nika theme <= 1.2.8 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Nika nika allows PHP Local File Inclusion.This issue affects Nika: from n/a through = 1.2.8...

8.1CVSS0.00547EPSS

Exploits0References1

Vulnrichment•added 2025/06/17 3:1 p.m.•2 views

CVE-2025-49254 WordPress Nika <= 1.2.8 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Nika allows PHP Local File Inclusion. This issue affects Nika: from n/a through 1.2.8...

8.1CVSS8.3AI score0.00547EPSS

Exploits0References1

Vulnrichment•added 2025/06/09 3:53 p.m.•2 views

CVE-2025-49278 WordPress Blogty theme <= 1.0.11 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in unfoldwp Blogty blogty allows PHP Local File Inclusion.This issue affects Blogty: from n/a through = 1.0.11...

8.1CVSS5.3AI score0.00547EPSS

Exploits0References1

Cvelist•added 2025/05/23 12:43 p.m.•11 views

CVE-2025-39494 WordPress Wilmër theme < 3.4.2 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Wilmër wilmer allows PHP Local File Inclusion.This issue affects Wilmër: from n/a through 3.4.2...

8.1CVSS0.00547EPSS

Exploits0References1

Cvelist•added 2025/05/19 7:56 p.m.•11 views

CVE-2025-32925 WordPress SUMO Reward Points plugin <= 30.7.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in FantasticPlugins SUMO Reward Points rewardsystem allows PHP Local File Inclusion.This issue affects SUMO Reward Points: from n/a through = 30.7.0...

8.3CVSS0.00499EPSS

Exploits0References1

Vulnrichment•added 2025/04/17 3:47 p.m.•3 views

CVE-2025-32571 WordPress TuriTop Booking System Plugin <= 1.0.10 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in turitop TuriTop Booking System allows Object Injection. This issue affects TuriTop Booking System: from n/a through 1.0.10...

8.8CVSS6.9AI score0.00673EPSS

Exploits0References1

Cvelist•added 2025/04/16 12:44 p.m.•16 views

CVE-2025-39570 WordPress WPCOM Member plugin <= 1.7.7 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Lomu WPCOM Member wpcom-member allows PHP Local File Inclusion.This issue affects WPCOM Member: from n/a through = 1.7.7...

8.8CVSS0.01601EPSS

Exploits0References1

Cvelist•added 2025/04/15 11:59 a.m.•18 views

CVE-2025-26889 WordPress hockeydata LOS plugin <= 1.2.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in hockeydata hockeydata LOS hockeydata-los allows PHP Local File Inclusion.This issue affects hockeydata LOS: from n/a through = 1.2.4...

7.5CVSS0.01063EPSS

Exploits0References1

Vulnrichment•added 2025/04/11 8:42 a.m.•6 views

CVE-2025-31014 WordPress Material Dashboard plugin <= 1.4.5 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Hossein Material Dashboard material-dashboard allows PHP Local File Inclusion.This issue affects Material Dashboard: from n/a through = 1.4.5...

7.5CVSS7.4AI score0.01855EPSS

Exploits0References1

Vulnrichment•added 2025/04/01 8:58 p.m.•4 views

CVE-2025-31612 WordPress CBX Poll plugin <= 2.0.4 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Sabuj Kundu CBX Poll cbxpoll allows Object Injection.This issue affects CBX Poll: from n/a through = 2.0.4...

9.8CVSS8.6AI score0.00292EPSS

Exploits0References1

Cvelist•added 2025/03/27 3:48 p.m.•19 views

CVE-2025-26909 WordPress Hide My WP Ghost plugin <= 5.4.01 - Local File Inclusion to RCE vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows PHP Local File Inclusion.This issue affects Hide My WP Ghost: from n/a through = 5.4.01...

9.6CVSS0.002EPSS

Exploits1References1

CVE•added 2025/03/27 10:55 a.m.•55 views

CVE-2025-30895

CVE-2025-30895 : In the WordPress plugin “WpEvently” (Event Manager and Tickets Selling Plugin for WooCommerce), versions up to and including 4.2.9 are affected by a path traversal vulnerability that enables PHP Local File Inclusion. The issue is categorized as an authenticated path traversal fla...

7.5CVSS7.2AI score0.00861EPSS

Exploits0References1

Vulnrichment•added 2025/03/27 10:55 a.m.•6 views

CVE-2025-30829 WordPress WPCafe plugin <= 2.2.31 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Arraytics WPCafe wp-cafe allows PHP Local File Inclusion.This issue affects WPCafe: from n/a through = 2.2.31...

7.5CVSS7.4AI score0.01647EPSS

Exploits0References1

Cvelist•added 2025/03/27 10:55 a.m.•12 views

CVE-2025-30820 WordPress WishSuite plugin <= 1.4.4 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in HT Plugins WishSuite wishsuite allows PHP Local File Inclusion.This issue affects WishSuite: from n/a through = 1.4.4...

7.5CVSS0.01647EPSS

Exploits0References1

Cvelist•added 2025/03/27 10:54 a.m.•11 views

CVE-2025-30785 WordPress Subscribe to Download Lite plugin <= 1.2.9 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Shuffle Subscribe to Download Lite subscribe-to-download-lite allows PHP Local File Inclusion.This issue affects Subscribe to Download Lite: from n/a through = 1.2.9...

7.5CVSS0.00875EPSS

Exploits0References1

CVE•added 2025/03/05 12:0 a.m.•65 views

CVE-2025-27649

CVE-2025-27649 affects Vasion Print (formerly PrinterLogic) prior to Virtual Appliance Host 22.0.893 and Application 20.0.2140, due to Incorrect Access Control (PHP V-2023-016). CVSS 3.1 indicates Critical impact (C/H, I/H, A/H) with network attack, no user interaction required. Exploitation deta...

9.8CVSS7.3AI score0.00121EPSS

Exploits1References3Affected Software2

Tenable Nessus•added 2025/03/04 12:0 a.m.•21 views

Linux Distros Unpatched Vulnerability : CVE-2016-6295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection,...

9.8CVSS8.5AI score0.05124EPSS

Exploits5References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by