1618 matches found
CVE-2025-32288
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows PHP Local File Inclusion.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.4...
CVE-2025-28979
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThimPress WP Pipes allows PHP Local File Inclusion. This issue affects WP Pipes: from n/a through 1.4.3...
CVE-2025-54701 WordPress Unicamp Theme <= 2.6.3 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Unicamp allows PHP Local File Inclusion. This issue affects Unicamp: from n/a through 2.6.3...
CVE-2025-54690
CVE-2025-54690 is a WordPress/Xinterio Theme
CVE-2025-54690 WordPress Xinterio Theme <= 4.2 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themeStek Xinterio allows PHP Local File Inclusion. This issue affects Xinterio: from n/a through 4.2...
CVE-2025-54689 WordPress Urna Theme <= 2.5.7 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Urna urna allows PHP Local File Inclusion.This issue affects Urna: from n/a through = 2.5.7...
CVE-2025-54689
CVE-2025-54689 affects the WordPress theme Urna (thembay Urna) up to version 2.5.7 and is caused by an improper control of the filename for include/require statements, i.e., a PHP Local File Inclusion vulnerability. Public sources (Patchstack, patch details) confirm an unauthenticated Local File ...
CVE-2025-24766 WordPress News Magazine X <= 1.2.35 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wproyal News Magazine X news-magazine-x allows PHP Local File Inclusion.This issue affects News Magazine X: from n/a through = 1.2.37...
CVE-2025-25172 WordPress VidMov <= 1.9.4 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in beeteam368 VidMov vidmov allows PHP Local File Inclusion.This issue affects VidMov: from n/a through = 1.9.4...
CVE-2025-28979 WordPress WP Pipes <= 1.4.3 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThimPress WP Pipes allows PHP Local File Inclusion. This issue affects WP Pipes: from n/a through 1.4.3...
CVE-2025-28979 WordPress WP Pipes <= 1.4.3 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThimPress WP Pipes allows PHP Local File Inclusion. This issue affects WP Pipes: from n/a through 1.4.3...
CVE-2025-30635
CVE-2025-30635 affects IDonatePro (WordPress plugin) <= 2.1.9 and is described as an improper control of the filename for include/require statements, enabling PHP Local File Inclusion. Public sources in the connected documents corroborate the vulnerability as a Local File Inclusion issue and n...
CVE-2025-49264 WordPress Cloud SAML SSO - Single Sign On Login <= 1.0.18 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Cloud Infrastructure Services Cloud SAML SSO - Single Sign On Login cloud-sso-single-sign-on allows PHP Local File Inclusion.This issue affects Cloud SAML SSO - Single Sign On...
CVE-2025-52728 WordPress Responsive Posts Carousel WordPress Plugin Plugin <= 15.0 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebCodingPlace Responsive Posts Carousel WordPress Plugin allows PHP Local File Inclusion. This issue affects Responsive Posts Carousel WordPress Plugin: from n/a through 15.0...
PT-2025-33241 · Thembay · Urna
Name of the Vulnerable Software and Affected Versions: thembay Urna versions through 2.5.7 Description: The software contains an Improper Control of Filename for Include/Require Statement, also known as a PHP Remote File Inclusion issue. This allows for PHP Local File Inclusion. Recommendations:...
PT-2025-33173 · Unknown · Geo Mashup
Name of the Vulnerable Software and Affected Versions: Geo Mashup versions through 1.13.16 Description: A flaw exists in the handling of filename control for include/require statements within a PHP program, specifically a PHP Local File Inclusion issue in Dylan Kuhn Geo Mashup. This allows for th...
2025-08 Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems (KB5063709)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...
2025-08 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB5063871)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...
MAL-2025-6818 Malicious code in require-turbo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8b488e13ee585b7b97c9cba93c25b1a58678d591f8ef16720f812f047be16f3d The OpenSSF Package Analysis project identified 'require-turbo' @ 99.0.3 npm as malicious. It is considered malicious because: - The package...
Malicious code in require-turbo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8b488e13ee585b7b97c9cba93c25b1a58678d591f8ef16720f812f047be16f3d The OpenSSF Package Analysis project identified 'require-turbo' @ 99.0.3 npm as malicious. It is considered malicious because: - The package...