647 matches found
CVE-2025-32154
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Catch Themes Catch Dark Mode catch-dark-mode allows PHP Local File Inclusion.This issue affects Catch Dark Mode: from n/a through = 2.0.1...
CVE-2025-32156
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Alex Prokopenko / JustCoded Just Post Preview Widget just-post-preview allows PHP Local File Inclusion.This issue affects Just Post Preview Widget: from n/a through = 1.1.1...
CVE-2025-32155
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in markkinchin Beds24 Online Booking beds24-online-booking allows PHP Local File Inclusion.This issue affects Beds24 Online Booking: from n/a through = 2.0.28...
CVE-2025-32151
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Themekraft BuddyForms buddyforms allows PHP Local File Inclusion.This issue affects BuddyForms: from n/a through = 2.9.0...
CVE-2025-32152
CVE-2025-32152 concerns Slider a SlidersPack – Image Slider, Post Slider, ACF Gallery Slider (WordPress) with an authenticated (Contributor+) Local File Inclusion due to Improper Control of Filename for Include/Require in PHP. Affected versions: Slider a SlidersPack up to 2.3. The entry notes PHP...
CVE-2025-32151 WordPress BuddyForms Plugin <= 2.9.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Themekraft BuddyForms buddyforms allows PHP Local File Inclusion.This issue affects BuddyForms: from n/a through = 2.9.0...
CVE-2025-31405
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in zankover Fami WooCommerce Compare fami-woocommerce-compare allows PHP Local File Inclusion.This issue affects Fami WooCommerce Compare: from n/a through = 1.0.5...
CVE-2025-31405 WordPress Fami WooCommerce Compare plugin <= 1.0.5 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in zankover Fami WooCommerce Compare allows PHP Local File Inclusion.This issue affects Fami WooCommerce Compare: from n/a through 1.0.5...
PT-2025-14896 · Woocommerce · Fami Woocommerce Compare
Name of the Vulnerable Software and Affected Versions: Fami WooCommerce Compare versions 1.0.0 through 1.0.5 Description: The issue is related to improper control of filename for include/require statement in PHP programs, also known as PHP Remote File Inclusion, allowing PHP Local File Inclusion...
PT-2025-14942 · Unknown · Just Post Preview Widget
Name of the Vulnerable Software and Affected Versions: Just Post Preview Widget versions 1.1.1 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' or PHP Local File Inclusion. This...
PT-2025-14940
Name of the Vulnerable Software and Affected Versions Catch Dark Mode versions 1.2.1 and earlier Description The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP Local File...
PT-2025-14931 · Unknown · Stylemix Motors
Name of the Vulnerable Software and Affected Versions: Stylemix Motors versions 1.4.65 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion...
PT-2025-14944 · Unknown · Radius Blocks
Name of the Vulnerable Software and Affected Versions: Radius Blocks versions n/a through 2.2.1 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion. This...
PT-2025-14941 · Unknown +1 · Beds24 Online Booking +1
Name of the Vulnerable Software and Affected Versions: Beds24 Online Booking versions n/a through 2.0.26 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP Loca...
PT-2025-14936 · Php +1 · Php +1
Name of the Vulnerable Software and Affected Versions: Rameez Iqbal Real Estate Manager versions n/a through 7.3 Description: The issue is related to improper control of filename for include/require statement in PHP program, also known as 'PHP Remote File Inclusion', which allows PHP Local File...
PT-2025-14943 · Unknown · Jakub Glos Sparkle Elementor Kit
Name of the Vulnerable Software and Affected Versions: Jakub Glos Sparkle Elementor Kit versions 2.0.9 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local...
CVE-2025-31098
CVE-2025-31098 affects the DeBounce Email Validator WordPress plugin. The issue is Improper filename control in PHP Includes/Requires, enabling unauthenticated Local File Inclusion (LFI). Affected versions are up to and including 5.7; CVSS v3.1 base score 7.5 (HIGH) with NETWORK attack vector, hi...
CVE-2025-30870
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Travel Engine WP Travel Engine wp-travel-engine allows PHP Local File Inclusion.This issue affects WP Travel Engine: from n/a through = 6.3.5...
CVE-2025-30849
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in g5theme Essential Real Estate essential-real-estate allows PHP Local File Inclusion.This issue affects Essential Real Estate: from n/a through = 5.2.0...
CVE-2025-30901
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in JoomSky JS Help Desk js-support-ticket allows PHP Local File Inclusion.This issue affects JS Help Desk: from n/a through = 2.9.2...