Lucene search
K

93390 matches found

NVD
NVD
added 2026/02/20 4:22 p.m.6 views

CVE-2026-22369

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Ironfit ironfit allows PHP Local File Inclusion.This issue affects Ironfit: from n/a through = 1.5...

8.1CVSS0.00512EPSS
Exploits0References1
OSV
OSV
added 2026/02/20 4:22 p.m.5 views

CVE-2025-70831

A Remote Code Execution RCE vulnerability was found in Smanga 3.2.7 in the /php/path/rescan.php interface. The application fails to properly sanitize user-supplied input in the mediaId parameter before using it in a system shell command. This allows an unauthenticated attacker to inject arbitrary...

9.8CVSS5.9AI score0.00917EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:22 p.m.5 views

CVE-2025-69407

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Struktur struktur allows PHP Local File Inclusion.This issue affects Struktur: from n/a through = 2.5.1...

8.1CVSS0.00512EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:22 p.m.7 views

CVE-2025-69402

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX R&F rf allows PHP Local File Inclusion.This issue affects R&F: from n/a through = 1.5...

8.1CVSS0.00561EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:22 p.m.9 views

CVE-2025-69383

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Agence web Eoxia - Montpellier WP shop wpshop allows PHP Local File Inclusion.This issue affects WP shop: from n/a through = 2.6.1...

7.5CVSS0.00339EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:22 p.m.5 views

CVE-2025-69373

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in beeteam368 VidoRev vidorev allows PHP Local File Inclusion.This issue affects VidoRev: from n/a through = 2.9.9.9.9.9.7...

7.5CVSS0.00397EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:22 p.m.6 views

CVE-2025-68841

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Themepul TopperPack – Complete Elementor Addons, Theme & CPT Builder topper-pack allows PHP Local File Inclusion.This issue affects TopperPack – Complete Elementor Addons, Theme ...

7.5CVSS0.0037EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:22 p.m.5 views

CVE-2025-68543

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Diza diza allows PHP Local File Inclusion.This issue affects Diza: from n/a through = 1.3.15...

8.1CVSS0.00561EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:22 p.m.5 views

CVE-2025-68536

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Zota zota allows PHP Local File Inclusion.This issue affects Zota: from n/a through = 1.3.14...

8.1CVSS0.00512EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:22 p.m.4 views

CVE-2025-67980

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Hara hara allows PHP Local File Inclusion.This issue affects Hara: from n/a through = 1.2.17...

8.1CVSS0.00549EPSS
Exploits0References1
CVE
CVE
added 2026/02/20 3:47 p.m.13 views

CVE-2026-22384

CVE-2026-22384 describes a deserialization vulnerability in the WordPress plugin Applay - Shortcodes (versions up to and including 3.7) that enables PHP Object Injection via untrusted data. The WP-exposed issue is associated with the leafcolor Applay - Shortcodes code path and is rated CRITICAL (...

9.8CVSS5.5AI score0.00304EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/20 3:47 p.m.23 views

CVE-2026-22378 WordPress Blabber theme <= 1.7.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Blabber blabber allows PHP Local File Inclusion.This issue affects Blabber: from n/a through = 1.7.0...

8.1CVSS0.00334EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/20 3:47 p.m.3 views

CVE-2026-22373

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Fooddy fooddy allows PHP Local File Inclusion.This issue affects Fooddy: from n/a through = 1.3.10...

5.5AI score0.00426EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/20 3:47 p.m.2 views

CVE-2026-22373 WordPress Fooddy theme <= 1.3.10 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Fooddy fooddy allows PHP Local File Inclusion.This issue affects Fooddy: from n/a through = 1.3.10...

8.1CVSS5.9AI score0.00426EPSS
Exploits0References1
CVE
CVE
added 2026/02/20 3:47 p.m.13 views

CVE-2026-22374

CVE-2026-22374 affects the WordPress Zio Alberto theme (versions

8.1CVSS5.6AI score0.00334EPSS
Exploits0References1
CVE
CVE
added 2026/02/20 3:47 p.m.7 views

CVE-2026-22377

The CVE-2026-22377 entry concerns the WordPress Saveo theme (Saveo) with versions up to 1.1.2, which is affected by an improper control of filename for include/require statements, leading to a Local File Inclusion vulnerability. The risk aspect per the provided data shows high severity (CVSS 3.1:...

8.1CVSS5.6AI score0.00327EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/20 3:47 p.m.3 views

CVE-2026-22371 WordPress Gustavo theme <= 1.2.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Gustavo gustavo allows PHP Local File Inclusion.This issue affects Gustavo: from n/a through = 1.2.2...

8.1CVSS5.5AI score0.00426EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/20 3:47 p.m.23 views

CVE-2026-22371 WordPress Gustavo theme <= 1.2.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Gustavo gustavo allows PHP Local File Inclusion.This issue affects Gustavo: from n/a through = 1.2.2...

8.1CVSS0.00426EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/20 3:47 p.m.4 views

CVE-2026-22363

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Rhodos rhodos allows PHP Local File Inclusion.This issue affects Rhodos: from n/a through = 1.3.3...

5.5AI score0.00512EPSS
Exploits0References2
CVE
CVE
added 2026/02/20 3:47 p.m.7 views

CVE-2026-22362

CVE-2026-22362 affects the WordPress Photolia theme ( Photolia &lt;= 1.0.3 ). The issue is a PHP Local File Inclusion caused by improper control of filenames in include/require statements. This enables reading local files. The vulnerability is rated as HIGH (CVSS 3.1: 8.1) with network attack vec...

8.1CVSS5.6AI score0.00403EPSS
Exploits0References1
Rows per page
Query Builder