CVE-2025-31064

CVE-2025-31064 affects Vizeon - Business Consulting WordPress Theme (versions

CVE-2025-31632

CVE-2025-31632 affects WordPress plugin/theme La Boom

CVE-2025-31913 WordPress Ogami <= 1.53 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ApusTheme Ogami allows PHP Local File Inclusion. This issue affects Ogami: from n/a through 1.53...

CVE-2025-32286

CVE-2025-32286 refers to an Unauthenticated Local File Inclusion in the WordPress Butcher theme (

CVE-2025-32289

CVE-2025-32289 is a Local File Inclusion vulnerability in the WordPress theme Yozi (ApusTheme Yozi) affecting versions through 2.0.52. The root cause is improper control of filenames in include/require statements, enabling PHP Local File Inclusion. Public sources corroborate the issue and tie it ...

CVE-2025-39494

CVE-2025-39494 refers to a Local File Inclusion vulnerability in the WordPress theme Wilmër by Mikado-Themes. The issue arises from improper control of the filename used in PHP include/require, enabling LFI via PHP Remote File Inclusion mechanics. Affected: Wilmër versions prior to 3.4.2. Evidenc...

CVE-2025-39506

CVE-2025-39506 : WordPress Nasa Core Plugin

CVE-2025-46454

CVE-2025-46454 concerns the WordPress plugin "Meta Keywords & Description" (versions

CVE-2025-46474 WordPress SEUR Oficial <= 2.2.23 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SEUR OFICIAL SEUR Oficial allows PHP Local File Inclusion. This issue affects SEUR Oficial: from n/a through 2.2.23...

CVE-2025-47670

CVE-2025-47670 is an LFI (Local File Inclusion) vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Pro Addon, affecting versions up to 7.6.10. Root cause: improper filename control in PHP include/require leading to RFI/LFI. CVSSv3.1 base score 8.1...

PT-2025-22721 · Unknown · Scripteo Ads Pro Plugin

Name of the Vulnerable Software and Affected Versions: scripteo Ads Pro Plugin versions n/a through 4.88 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP Loca...

PT-2025-22683 · WordPress · Enzio

Name of the Vulnerable Software and Affected Versions: Enzio - Responsive Business WordPress Theme versions 1.1.8 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' or PHP Local...

PT-2025-22776 · Miniorange · Miniorange Discord Integration

Name of the Vulnerable Software and Affected Versions: miniOrange Discord Integration versions 2.2.2 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local Fil...

PT-2025-22697 · Unknown · Gavias Winnex

Name of the Vulnerable Software and Affected Versions: gavias Winnex versions 1.3.2 and earlier Description: The issue is related to improper control of filename for include/require statement in PHP program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion...

PT-2025-22696 · Unknown · Gavias Oxpitan

Name of the Vulnerable Software and Affected Versions: gavias Oxpitan versions 1.3.1 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion...

PT-2025-22692 · Unknown · Apustheme Butcher

Name of the Vulnerable Software and Affected Versions: ApusTheme Butcher versions n/a through 2.40 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion...

PT-2025-22774 · WordPress · Miniorange Wordpress Social Login/Register

Name of the Vulnerable Software and Affected Versions: miniOrange WordPress Social Login and Register versions 7.6.10 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which...

PT-2025-22698 · Thememove · Thememove Healsoul

Name of the Vulnerable Software and Affected Versions: ThemeMove Healsoul versions n/a through 2.0.2 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP Local Fi...

PT-2025-22673 · Unknown · Apustheme Capie

Name of the Vulnerable Software and Affected Versions: ApusTheme Capie versions 1.0.0 through 1.0.40 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion...

PT-2025-22791 · Goodlayers · Goodlayers Tourmaster

Name of the Vulnerable Software and Affected Versions: GoodLayers Tourmaster versions through 5.3.8 Description: The issue is related to improper control of filename for include/require statement in PHP programs, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion...