CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

CVE•added 2025/12/18 7:22 a.m.•11 views

CVE-2025-6326

CVE-2025-6326 affects WordPress Inset theme (and related Inset components) up to version 1.18.0, exposing a PHP Local File Inclusion via improper control of the filename for include/require. The vulnerability enables access to local files due to an insecure inclusion mechanism. The provided docum...

8.1CVSS6.7AI score0.00344EPSS

Exploits0References1

Vulnrichment•added 2025/12/18 7:22 a.m.•3 views

CVE-2025-6326 WordPress Inset theme <= 1.18.0 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Inset inset allows PHP Local File Inclusion.This issue affects Inset: from n/a through = 1.18.0...

8.1CVSS6.7AI score0.00344EPSS

Exploits0References1

Cvelist•added 2025/06/09 3:56 p.m.•15 views

CVE-2025-26592 WordPress Lab Theme <= 1.0.0 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Lab lab allows PHP Local File Inclusion.This issue affects Lab: from n/a through = 1.0.0...

8.1CVSS0.00519EPSS

Exploits0References1

Vulnrichment•added 2025/06/09 3:56 p.m.•2 views

CVE-2025-26592 WordPress Lab Theme <= 1.0.0 - Local File Inclusion Vulnerability

8.1CVSS7.8AI score0.00519EPSS

Exploits0References1

CVE•added 2025/06/09 3:56 p.m.•51 views

CVE-2025-26592

CVE-2025-26592 concerns AncoraThemes Inset WordPress theme Local File Inclusion due to improper control of filename for include/require. Affected: Inset versions up to 1.18.0 (vendor/patch notes show similar LFI patterns in WordPress themes). Impact per CVSSv3.1: HIGH (C, I, A HIGH; network attac...

8.1CVSS7.2AI score0.00519EPSS

Exploits0References1

Patchstack•added 2025/06/09 10:29 a.m.•7 views

WordPress Inset theme <= 1.18.0 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Theme Inset versions = 1.18.0...

8.1CVSS7AI score0.00519EPSS

Exploits0Affected Software1

CNNVD•added 2025/06/09 12:0 a.m.•3 views

WordPress plugin Inset 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in the WordPress Inset plugin that stems from not doing effective filtering of local file resource calls, which can be exploited by an...

8.1CVSS6.5AI score0.00519EPSS

Exploits0References1

Patchstack•added 2025/06/09 12:0 a.m.•7 views

WordPress Inset Theme <= 1.18.0 is vulnerable to Local File Inclusion

Software Inset Type Theme Vulnerable versions = 1.18.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 2b36ab61c62f Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

8.1CVSS7.2AI score0.00519EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by