93390 matches found
CVE-2026-22369
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Ironfit ironfit allows PHP Local File Inclusion.This issue affects Ironfit: from n/a through = 1.5...
CVE-2025-70831
A Remote Code Execution RCE vulnerability was found in Smanga 3.2.7 in the /php/path/rescan.php interface. The application fails to properly sanitize user-supplied input in the mediaId parameter before using it in a system shell command. This allows an unauthenticated attacker to inject arbitrary...
CVE-2025-69407
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Struktur struktur allows PHP Local File Inclusion.This issue affects Struktur: from n/a through = 2.5.1...
CVE-2025-69402
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX R&F rf allows PHP Local File Inclusion.This issue affects R&F: from n/a through = 1.5...
CVE-2025-69383
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Agence web Eoxia - Montpellier WP shop wpshop allows PHP Local File Inclusion.This issue affects WP shop: from n/a through = 2.6.1...
CVE-2025-69373
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in beeteam368 VidoRev vidorev allows PHP Local File Inclusion.This issue affects VidoRev: from n/a through = 2.9.9.9.9.9.7...
CVE-2025-68841
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Themepul TopperPack – Complete Elementor Addons, Theme & CPT Builder topper-pack allows PHP Local File Inclusion.This issue affects TopperPack – Complete Elementor Addons, Theme ...
CVE-2025-68543
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Diza diza allows PHP Local File Inclusion.This issue affects Diza: from n/a through = 1.3.15...
CVE-2025-68536
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Zota zota allows PHP Local File Inclusion.This issue affects Zota: from n/a through = 1.3.14...
CVE-2025-67980
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Hara hara allows PHP Local File Inclusion.This issue affects Hara: from n/a through = 1.2.17...
CVE-2026-22384
CVE-2026-22384 describes a deserialization vulnerability in the WordPress plugin Applay - Shortcodes (versions up to and including 3.7) that enables PHP Object Injection via untrusted data. The WP-exposed issue is associated with the leafcolor Applay - Shortcodes code path and is rated CRITICAL (...
CVE-2026-22378 WordPress Blabber theme <= 1.7.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Blabber blabber allows PHP Local File Inclusion.This issue affects Blabber: from n/a through = 1.7.0...
CVE-2026-22373
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Fooddy fooddy allows PHP Local File Inclusion.This issue affects Fooddy: from n/a through = 1.3.10...
CVE-2026-22373 WordPress Fooddy theme <= 1.3.10 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Fooddy fooddy allows PHP Local File Inclusion.This issue affects Fooddy: from n/a through = 1.3.10...
CVE-2026-22374
CVE-2026-22374 affects the WordPress Zio Alberto theme (versions
CVE-2026-22377
The CVE-2026-22377 entry concerns the WordPress Saveo theme (Saveo) with versions up to 1.1.2, which is affected by an improper control of filename for include/require statements, leading to a Local File Inclusion vulnerability. The risk aspect per the provided data shows high severity (CVSS 3.1:...
CVE-2026-22371 WordPress Gustavo theme <= 1.2.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Gustavo gustavo allows PHP Local File Inclusion.This issue affects Gustavo: from n/a through = 1.2.2...
CVE-2026-22371 WordPress Gustavo theme <= 1.2.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Gustavo gustavo allows PHP Local File Inclusion.This issue affects Gustavo: from n/a through = 1.2.2...
CVE-2026-22363
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Rhodos rhodos allows PHP Local File Inclusion.This issue affects Rhodos: from n/a through = 1.3.3...
CVE-2026-22362
CVE-2026-22362 affects the WordPress Photolia theme ( Photolia <= 1.0.3 ). The issue is a PHP Local File Inclusion caused by improper control of filenames in include/require statements. This enables reading local files. The vulnerability is rated as HIGH (CVSS 3.1: 8.1) with network attack vec...