1656 matches found
CVE-2026-22498
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Laurent laurent allows PHP Local File Inclusion.This issue affects Laurent: from n/a through = 3.1...
CVE-2026-32537
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in nK Visual Portfolio, Photo Gallery & Post Grid visual-portfolio allows PHP Local File Inclusion.This issue affects Visual Portfolio, Photo Gallery & Post Grid: from n/a through =...
CVE-2026-32531
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in gavias Kunco kunco allows PHP Local File Inclusion.This issue affects Kunco: from n/a through 1.4.5...
CVE-2026-32505
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativeWS Kiddy kiddy allows PHP Local File Inclusion.This issue affects Kiddy: from n/a through = 2.0.8...
CVE-2026-32500
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativeWS MetaMax metamax allows PHP Local File Inclusion.This issue affects MetaMax: from n/a through = 1.1.4...
CVE-2026-27078 WordPress Emaurri theme <= 1.0.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Emaurri emaurri allows PHP Local File Inclusion.This issue affects Emaurri: from n/a through = 1.0.1...
CVE-2026-27076 WordPress LuxeDrive theme <= 1.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes LuxeDrive luxedrive allows PHP Local File Inclusion.This issue affects LuxeDrive: from n/a through = 1.0...
CVE-2026-25458
CVE-2026-25458 affects Moments (WordPress theme) up to version 2.2. The issue is an improper control of filename for include/require statements in PHP, effectively a PHP Remote File Inclusion that enables Local File Inclusion. According to Wordfence, this vulnerability is currently Unpatched; CVS...
CVE-2026-25457
CVE-2026-25457 affects Mixtape WordPress Theme
CVE-2026-22516 WordPress Wizor's theme <= 2.12 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Wizor's wizors-investments allows PHP Local File Inclusion.This issue affects Wizor's: from n/a through = 2.12...
CVE-2026-22514 WordPress Unica theme <= 1.4.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Unica unica allows PHP Local File Inclusion.This issue affects Unica: from n/a through = 1.4.1...
CVE-2026-22509 WordPress Gioia theme <= 1.4 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Gioia gioia allows PHP Local File Inclusion.This issue affects Gioia: from n/a through = 1.4...
CVE-2026-22506
CVE-2026-22506 refers to a Local File Inclusion in the WordPress Amoli theme (Elated-Themes Amoli) via improper control of filename for include/Require in PHP. Affected: Amoli versions through 1.0 (
CVE-2026-22499 WordPress Lella theme <= 1.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Lella lella allows PHP Local File Inclusion.This issue affects Lella: from n/a through = 1.2...
CVE-2026-22498
CVE-2026-22498 corresponds to a Local File Inclusion in WordPress Laurent theme versions = 3.2 or the vendor-released patch; as a workaround, avoid including untrusted local files via PHP include/require in the affected theme. The vulnerability affects the WordPress Laurent theme’s inclusion mech...
CVE-2026-22496
CVE-2026-22496 is a local file inclusion (PHP) vulnerability in the WordPress Hypnotherapy theme (Hypnotherapy) up to version 1.2.10. The issue arises from improper control of filenames in include/require statements (PHP RFI). Affected installations could be exploited remotely via the plugin/them...
WordPress plugin LoveDate 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-27954
Name of the Vulnerable Software and Affected Versions Select-Themes Moments versions n/a through 2.2 Description A flaw exists in the handling of file names within the include/require statements of a PHP program, specifically a PHP Local File Inclusion issue in Select-Themes Moments. This allows...
PT-2026-27836
Name of the Vulnerable Software and Affected Versions AncoraThemes VegaDays versions through 1.2.0 Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Local Fi...
PT-2026-27835
Name of the Vulnerable Software and Affected Versions AncoraThemes Unica versions through 1.4.1 Description The software contains a flaw related to improper control of filename handling for include/require statements, leading to a PHP Remote File Inclusion issue. This allows for PHP Local File...