CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

647 matches found

Positive Technologies•added 2025/05/23 12:0 a.m.•2 views

PT-2025-22684 · Unknown · Apustheme Ogami

Name of the Vulnerable Software and Affected Versions: ApusTheme Ogami versions 1.53 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion. Thi...

8.1CVSS7.9AI score0.00535EPSS

Exploits0References3

Positive Technologies•added 2025/05/23 12:0 a.m.•2 views

PT-2025-22673 · Unknown · Apustheme Capie

Name of the Vulnerable Software and Affected Versions: ApusTheme Capie versions 1.0.0 through 1.0.40 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion...

8.1CVSS8AI score0.00535EPSS

Exploits0References4

RedhatCVE•added 2025/05/21 7:3 p.m.•3 views

CVE-2025-39458

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Foton foton allows PHP Local File Inclusion.This issue affects Foton: from n/a through = 2.5.2...

8.1CVSS7.2AI score0.00616EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 6:17 p.m.•3 views

CVE-2025-26735

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Candid themes Grip.This issue affects Grip: from n/a through 1.0.9...

7.5CVSS8AI score0.00467EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 5:19 p.m.•4 views

CVE-2025-39396

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Crocoblock JetReviews jet-reviews allows PHP Local File Inclusion.This issue affects JetReviews: from n/a through = 2.3.6...

7.5CVSS7.2AI score0.0051EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 4:39 p.m.•18 views

CVE-2025-47576

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Bringthepixel Bimber - Viral Magazine WordPress Theme.This issue affects Bimber - Viral Magazine WordPress Theme: from n/a through 9.2.5...

8.8CVSS8.6AI score0.00405EPSS

Exploits0References1

Vulnrichment•added 2025/05/19 7:56 p.m.•4 views

CVE-2025-32925 WordPress SUMO Reward Points plugin <= 30.7.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in FantasticPlugins SUMO Reward Points rewardsystem allows PHP Local File Inclusion.This issue affects SUMO Reward Points: from n/a through = 30.7.0...

8.3CVSS8.7AI score0.004EPSS

Exploits0References1

NVD•added 2025/05/19 7:15 p.m.•9 views

CVE-2025-39411

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in IndiePlugins WhatsApp Click to Chat Plugin for WordPress wpt-whatsapp.This issue affects WhatsApp Click to Chat Plugin for WordPress: from n/a through = 2.2.12...

7.5CVSS0.00467EPSS

Exploits0References1

CVE•added 2025/05/19 6:47 p.m.•32 views

CVE-2025-39458

CVE-2025-39458 is a Local File Inclusion (LFI) vulnerability in the WordPress Foton theme (Mikado-Themes Foton). Affected versions are Foton up to 2.5.2; patch exists in 2.6.1. Root cause: improper filename handling for include/require in PHP, enabling PHP Local File Inclusion. External details f...

8.1CVSS7.2AI score0.00616EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/05/19 6:47 p.m.•9 views

CVE-2025-39458 WordPress Foton theme <= 2.5.2 - Local File Inclusion vulnerability

8.1CVSS0.00616EPSS

Exploits0References1

NVD•added 2025/05/19 6:15 p.m.•8 views

CVE-2025-39396

7.5CVSS0.0051EPSS

Exploits0References1

Positive Technologies•added 2025/05/19 12:0 a.m.•2 views

PT-2025-22054 · Unknown · Candid Themes Grip

Name of the Vulnerable Software and Affected Versions: Candid themes Grip versions 1.0.9 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion'. This is a type of vulnerability where ...

7.5CVSS8AI score0.00467EPSS

Exploits0References3

Positive Technologies•added 2025/05/19 12:0 a.m.•3 views

PT-2025-22079 · WordPress · Indie Plugins Whatsapp Click To Chat Plugin

Name of the Vulnerable Software and Affected Versions: Indie Plugins WhatsApp Click to Chat Plugin for WordPress versions n/a through 2.2.12 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion'...

7.5CVSS8.1AI score0.00467EPSS

Exploits0References3

Positive Technologies•added 2025/05/19 12:0 a.m.•2 views

PT-2025-22025 · Woocommerce · Category Slider For Woocommerce

Name of the Vulnerable Software and Affected Versions: Product Category Slider for WooCommerce versions through 4.3.4 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion'. This allows for PHP...

7.5CVSS7.9AI score0.00535EPSS

Exploits0References3

NVD•added 2025/05/16 4:15 p.m.•10 views

CVE-2025-48136

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Estatik Mortgage Calculator Estatik estatik-mortgage-calculator allows PHP Local File Inclusion.This issue affects Mortgage Calculator Estatik: from n/a through = 2.0.12...

8.8CVSS0.00356EPSS

Exploits0References1

RedhatCVE•added 2025/05/09 3:24 p.m.•5 views

CVE-2025-47496

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PublishPress PublishPress Authors publishpress-authors allows PHP Local File Inclusion.This issue affects PublishPress Authors: from n/a through = 4.7.5...

7.5CVSS7.2AI score0.0061EPSS

Exploits0References1

RedhatCVE•added 2025/05/09 3:24 p.m.•9 views

CVE-2025-47531

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Xylus Themes XT Event Widget for Social Events xt-facebook-events allows PHP Local File Inclusion.This issue affects XT Event Widget for Social Events: from n/a through = 1.1.7...

8.8CVSS7.2AI score0.00549EPSS

Exploits0References1

RedhatCVE•added 2025/05/09 3:24 p.m.•11 views

CVE-2025-47498

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in nicdark Hotel Booking nd-booking allows PHP Local File Inclusion.This issue affects Hotel Booking: from n/a through = 3.6...

7.5CVSS7.2AI score0.0061EPSS

Exploits0References1

NVD•added 2025/05/07 3:16 p.m.•8 views

CVE-2025-47653

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in tggfref WP-Recall allows PHP Local File Inclusion. This issue affects WP-Recall: from n/a through 16.26.14...

7.5CVSS0.00495EPSS

Exploits0References1

NVD•added 2025/05/07 3:16 p.m.•6 views

CVE-2025-47498

7.5CVSS0.0061EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by