Lucene search
K

93392 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/20 3:47 p.m.6 views

CVE-2026-22356

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Automattic Jetpack CRM zero-bs-crm allows PHP Local File Inclusion.This issue affects Jetpack CRM: from n/a through = 6.7.0...

5.5AI score0.00423EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/20 3:47 p.m.23 views

CVE-2026-22361 WordPress A-Mart theme <= 1.0.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes A-Mart a-mart allows PHP Local File Inclusion.This issue affects A-Mart: from n/a through = 1.0.2...

8.1CVSS0.00512EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/20 3:47 p.m.22 views

CVE-2026-22356 WordPress Jetpack CRM plugin <= 6.7.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Automattic Jetpack CRM zero-bs-crm allows PHP Local File Inclusion.This issue affects Jetpack CRM: from n/a through = 6.7.0...

7.5CVSS0.00423EPSS
Exploits1References1
CVE
CVE
added 2026/02/20 3:47 p.m.12 views

CVE-2026-22354

Summary of CVE-2026-22354 (WordPress WooCommerce Banner Management plugin &lt;= 2.5.1): The issue is a PHP object injection due to deserialization of untrusted data in the Banner Management for WooCommerce component. Affected product/version: Banner Management, Product Slider & Carousel for WooCo...

8.8CVSS5.5AI score0.00468EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/20 3:47 p.m.23 views

CVE-2026-22354 WordPress Woocommerce Category Banner Management plugin <= 2.5.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Dotstore Woocommerce Category Banner Management banner-management-for-woocommerce allows Object Injection.This issue affects Woocommerce Category Banner Management: from n/a through = 2.5.1...

8.8CVSS0.00468EPSS
Exploits0References1
CVE
CVE
added 2026/02/20 3:47 p.m.11 views

CVE-2026-22346

CVE-2026-22346 refers to a deserialization of untrusted data (PHP Object Injection) in the WordPress plugin Slider Responsive Slideshow – Image slider, Gallery slideshow (versions up to and including 1.5.4). Multiple sources confirm the vulnerability and its impact, with Red Hat, NVD, CVE lists, ...

8.8CVSS5.5AI score0.00344EPSS
Exploits0References1
CVE
CVE
added 2026/02/20 3:46 p.m.15 views

CVE-2026-22345

CVE-2026-22345 stems from a deserialization/ object-injection flaw in the WordPress plugin family Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery (component: new-image-gallery). The Red Hat/NVD entries and PatchStack corroborate that versions up to and including 1.6.0 ...

8.8CVSS5.5AI score0.00344EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/20 3:46 p.m.20 views

CVE-2025-69408 WordPress HealthFirst theme <= 1.0.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes HealthFirst healthfirst allows PHP Local File Inclusion.This issue affects HealthFirst: from n/a through = 1.0.1...

8.1CVSS0.00512EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/20 3:46 p.m.3 views

CVE-2025-69407 WordPress Struktur theme <= 2.5.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Struktur struktur allows PHP Local File Inclusion.This issue affects Struktur: from n/a through = 2.5.1...

5.5AI score0.00512EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/20 3:46 p.m.4 views

CVE-2025-69409 WordPress PJ | Life & Business Coaching theme <= 3.0.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes PJ | Life & Business Coaching pj allows PHP Local File Inclusion.This issue affects PJ | Life & Business Coaching: from n/a through = 3.0.0...

5.5AI score0.00512EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/20 3:46 p.m.21 views

CVE-2025-69409 WordPress PJ | Life & Business Coaching theme <= 3.0.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes PJ | Life & Business Coaching pj allows PHP Local File Inclusion.This issue affects PJ | Life & Business Coaching: from n/a through = 3.0.0...

8.1CVSS0.00512EPSS
Exploits0References1
CVE
CVE
added 2026/02/20 3:46 p.m.10 views

CVE-2025-69407

CVE-2025-69407 affects WordPress Struktur theme &lt;= 2.5.1. The issue is Local File Inclusion due to Improper Control of Filename for Include/Require in PHP, enabling potential PHP Local File Inclusion. Affected product/feature: Struktur theme (WordPress). Root cause: improper filename handling ...

8.1CVSS5.6AI score0.00512EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/20 3:46 p.m.23 views

CVE-2025-69404 WordPress Extreme Store theme <= 1.5.10 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeREX Extreme Store extremestore allows Object Injection.This issue affects Extreme Store: from n/a through = 1.5.10...

9.8CVSS0.00375EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/20 3:46 p.m.3 views

CVE-2025-69402

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX R rf allows PHP Local File Inclusion.This issue affects R: from n/a through = 1.5...

5.5AI score0.00561EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/20 3:46 p.m.5 views

CVE-2025-69400

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Yokoo yokoo allows PHP Local File Inclusion.This issue affects Yokoo: from n/a through = 1.1.11...

5.5AI score0.00512EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/20 3:46 p.m.4 views

CVE-2025-69400 WordPress Yokoo theme <= 1.1.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Yokoo yokoo allows PHP Local File Inclusion.This issue affects Yokoo: from n/a through = 1.1.11...

8.1CVSS5.5AI score0.00512EPSS
Exploits0References1
CVE
CVE
added 2026/02/20 3:46 p.m.6 views

CVE-2025-69399

CVE-2025-69399 describes an Unauthenticated Local File Inclusion in the WordPress Cobble theme (ThemeREX Cobble) up to version 1.7. The issue arises from an improper control of the filename in include/require statements, enabling local file inclusion. Documented impact per sources indicates poten...

8.1CVSS5.6AI score0.00512EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/20 3:46 p.m.2 views

CVE-2025-69398 WordPress Plank theme <= 1.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Plank plank allows PHP Local File Inclusion.This issue affects Plank: from n/a through = 1.7...

8.1CVSS5.5AI score0.00512EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/20 3:46 p.m.4 views

CVE-2025-69387 WordPress Simple Retail Menus plugin <= 4.2.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in whatwouldjessedo Simple Retail Menus simple-retail-menus allows PHP Local File Inclusion.This issue affects Simple Retail Menus: from n/a through = 4.2.1...

7.5CVSS5.5AI score0.00339EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/20 3:46 p.m.25 views

CVE-2025-69372 WordPress SevenHills theme <= 1.6.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in AncoraThemes SevenHills sevenhills allows Object Injection.This issue affects SevenHills: from n/a through = 1.6.2...

9.8CVSS0.00403EPSS
Exploits0References1
Rows per page
Query Builder