PT-2026-23293

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Yottis yottis allows PHP Local File Inclusion.This issue affects Yottis: from n/a through = 1.0.10...

PT-2026-23372

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Artrium artrium allows PHP Local File Inclusion.This issue affects Artrium: from n/a through = 1.0.14...

PT-2026-23309

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Kayon kayon allows PHP Local File Inclusion.This issue affects Kayon: from n/a through = 1.3...

PT-2026-23177

Name of the Vulnerable Software and Affected Versions Mikado-Themes Verdure versions through 1.6 Description The software contains an Improper Control of Filename for Include/Require Statement issue, also known as a PHP Remote File Inclusion. This allows for PHP Local File Inclusion...

PT-2026-23297

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX ShiftCV shift-cv allows PHP Local File Inclusion.This issue affects ShiftCV: from n/a through = 3.0.14...

CVE-2025-69322

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes PeakShops peakshops allows PHP Local File Inclusion.This issue affects PeakShops: from n/a through 1.5.9...

CVE-2025-69373

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in beeteam368 VidoRev vidorev allows PHP Local File Inclusion.This issue affects VidoRev: from n/a through = 2.9.9.9.9.9.7...

CVE-2025-69383

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Agence web Eoxia - Montpellier WP shop wpshop allows PHP Local File Inclusion.This issue affects WP shop: from n/a through = 2.6.1...

CVE-2025-68536

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Zota zota allows PHP Local File Inclusion.This issue affects Zota: from n/a through = 1.3.14...

CVE-2026-22356 WordPress Jetpack CRM plugin <= 6.7.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Automattic Jetpack CRM zero-bs-crm allows PHP Local File Inclusion.This issue affects Jetpack CRM: from n/a through = 6.7.0...

CVE-2025-69400

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Yokoo yokoo allows PHP Local File Inclusion.This issue affects Yokoo: from n/a through = 1.1.11...

PT-2026-21205

Name of the Vulnerable Software and Affected Versions axiomthemes Photolia versions through 1.0.3 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local...

PT-2026-21103

Name of the Vulnerable Software and Affected Versions Themepul TopperPack – Complete Elementor Addons, Theme & CPT Builder versions through 1.2.1 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusio...

PT-2026-20696

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in cmsmasters CMSMasters Content Composer cmsmasters-content-composer allows PHP Local File Inclusion.This issue affects CMSMasters Content Composer: from n/a through = 1.4.5...

PT-2026-20760

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in villatheme Sales Countdown Timer for WooCommerce and WordPress sctv-sales-countdown-timer allows PHP Local File Inclusion.This issue affects Sales Countdown Timer for WooCommerce...

EUVD-2024-55394

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Talemy Spirit Framework allows PHP Local File Inclusion.This issue affects Spirit Framework: from n/a through 1.2.13...

CVE-2025-69046

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebGeniusLab iRecco Core irecco-core allows PHP Local File Inclusion.This issue affects iRecco Core: from n/a through = 1.3.6...

CVE-2025-69047

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magentech MaxShop swmaxshop allows PHP Local File Inclusion.This issue affects MaxShop: from n/a through = 3.6.20...

CVE-2025-67615

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in bslthemes Myour myour allows PHP Local File Inclusion.This issue affects Myour: from n/a through = 1.5.1...

CVE-2025-63017

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes WerkStatt Plugin werkstatt-plugin allows PHP Local File Inclusion.This issue affects WerkStatt Plugin: from n/a through = 1.6.6...