WordPress SingleMalt theme <= 1.5 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme SingleMalt versions = 1.5...

WordPress Mildhill theme <= 1.5 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Mildhill versions = 1.5...

WordPress Santé theme <= 1.5.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Santé versions = 1.5.1...

WordPress Valiance theme <= 1.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Valiance versions = 1.2...

WordPress Playroom theme <= 1.4.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Playroom versions = 1.4.1...

WordPress Fidalgo theme <= 1.2.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Fidalgo versions = 1.2.2...

WordPress Töbel theme <= 1.8.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Töbel versions = 1.8.1...

WordPress Aperitif theme <= 1.6 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Aperitif versions = 1.6...

EUVD-2026-20365

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ApusTheme Homeo homeo allows PHP Local File Inclusion.This issue affects Homeo: from n/a through = 1.2.59...

EUVD-2026-20202

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themeStek LabtechCO labtechco allows PHP Local File Inclusion.This issue affects LabtechCO: from n/a through = 8.3...

CVE-2026-39611

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes KuteShop kuteshop allows PHP Local File Inclusion.This issue affects KuteShop: from n/a through = 4.2.9...

CVE-2026-39544

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themeStek LabtechCO labtechco allows PHP Local File Inclusion.This issue affects LabtechCO: from n/a through = 8.3...

CVE-2026-39679

CVE-2026-39679 is a local file inclusion (LFI) in the WordPress Freeio/ApusTheme Freeio plugin/theme. Affected: Freeio versions up to and including 1.3.21 (and related Freeio/Freeio themes referenced in Red Hat/EUVD records and CVE listings). Root cause: improper control of filenames for include/...

CVE-2026-39679 WordPress Freeio theme <= 1.3.21 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ApusTheme Freeio freeio allows PHP Local File Inclusion.This issue affects Freeio: from n/a through = 1.3.21...

CVE-2026-39613

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through = 2.3.3...

CVE-2026-39613 WordPress Boutique theme <= 2.3.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through = 2.3.3...

CVE-2026-39613 WordPress Boutique theme <= 2.3.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through = 2.3.3...

CVE-2026-39538

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Mikado Core mikado-core allows PHP Local File Inclusion.This issue affects Mikado Core: from n/a through = 1.6...

CVE-2026-39544 WordPress LabtechCO theme <= 8.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themeStek LabtechCO labtechco allows PHP Local File Inclusion.This issue affects LabtechCO: from n/a through = 8.3...

CVE-2026-39538 WordPress Mikado Core plugin <= 1.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Mikado Core mikado-core allows PHP Local File Inclusion.This issue affects Mikado Core: from n/a through = 1.6...