CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2135 matches found

Vulnrichment•added 2026/03/05 5:53 a.m.•2 views

CVE-2026-27381 WordPress Aora theme <= 1.3.15 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through = 1.3.15...

8.1CVSS5.8AI score0.00403EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•6 views

CVE-2026-27376

CVE-2026-27376 is a Reflected Cross‑Site Scripting vulnerability in the Claue theme (JanStudio Claue) for WordPress. It affects Claue – Clean, Minimal Elementor WooCommerce Theme versions from n/a through ≤ 2.2.7. The issue arises from improper neutralization of input during web page generation. ...

7.1CVSS5.9AI score0.0018EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•27 views

CVE-2026-27353 WordPress Grand News | Magazine Newspaper WordPress theme <= 3.4.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand News grandnews allows Reflected XSS.This issue affects Grand News: from n/a through = 3.4.3...

7.1CVSS0.0018EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•1 views

CVE-2026-27353 WordPress Grand News | Magazine Newspaper WordPress theme <= 3.4.3 - Reflected Cross Site Scripting (XSS) vulnerability

5.8AI score0.0018EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•14 views

CVE-2026-27352

CVE-2026-27352 affects ThemeGoods Starto (WordPress Starto theme). The vulnerability is a Reflected XSS due to improper input neutralization during web page generation. Affected versions are Starto from before 2.2.5 (i.e., impacted until 2.2.4). The CVSS 3.1 vector indicates Network attack, no pr...

7.1CVSS5.2AI score0.00191EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•2 views

CVE-2026-27339 WordPress Buzz Stone | Magazine & Viral Blog WordPress Theme theme <= 1.0.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Buzz Stone | Magazine & Viral Blog WordPress Theme buzzstone allows PHP Local File Inclusion.This issue affects Buzz Stone | Magazine & Viral Blog WordPress Theme:...

8.1CVSS5.8AI score0.00403EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•25 views

CVE-2026-27342 WordPress TopFit - Fitness and Gym WordPress Theme theme <= 1.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes TopFit - Fitness and Gym WordPress Theme topfit allows PHP Local File Inclusion.This issue affects TopFit - Fitness and Gym WordPress Theme: from n/a through = 1.9...

8.1CVSS0.00415EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•28 views

CVE-2026-27341 WordPress TopScorer - Sports WordPress Theme theme <= 1.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes TopScorer - Sports WordPress Theme topscorer allows PHP Local File Inclusion.This issue affects TopScorer - Sports WordPress Theme: from n/a through = 1.2...

8.1CVSS0.00415EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•27 views

CVE-2026-27339 WordPress Buzz Stone | Magazine & Viral Blog WordPress Theme theme <= 1.0.2 - Local File Inclusion vulnerability

8.1CVSS0.00403EPSS

Exploits0References1

ATTACKERKB•added 2026/03/05 5:53 a.m.•2 views

CVE-2026-27341

5.9AI score0.00415EPSS

Exploits0References2

Vulnrichment•added 2026/03/05 5:53 a.m.•2 views

CVE-2026-27340 WordPress Apollo | Night Club, DJ Event WordPress Theme theme <= 1.3.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Apollo | Night Club, DJ Event WordPress Theme apollo allows PHP Local File Inclusion.This issue affects Apollo | Night Club, DJ Event WordPress Theme: from n/a throu...

8.1CVSS5.8AI score0.00403EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•1 views

CVE-2026-27342 WordPress TopFit - Fitness and Gym WordPress Theme theme <= 1.9 - Local File Inclusion vulnerability

8.1CVSS5.8AI score0.00415EPSS

Exploits0References1

ATTACKERKB•added 2026/03/05 5:53 a.m.•3 views

CVE-2026-27342

5.9AI score0.00415EPSS

Exploits0References2

CVE•added 2026/03/05 5:53 a.m.•8 views

CVE-2026-27341

CVE-2026-27341 is a Local File Inclusion vulnerability in Mikado-Themes TopScorer - Sports WordPress Theme, arising from improper control of filenames in include/require statements. Connected sources confirm exploitation potential for TopScorer themes affected up to version 1.2 (n/a through

8.1CVSS5.9AI score0.00415EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•7 views

CVE-2026-27340

CVE-2026-27340 refers to an Local File Inclusion (LFI) vulnerability in AncoraThemes Apollo | Night Club, DJ Event WordPress Theme affecting versions through 1.3.1. The issue stems from improper control of filenames in PHP include/require statements, enabling inclusion of local files. Public sour...

8.1CVSS5.9AI score0.00403EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•6 views

CVE-2026-27339

CVE-2026-27339 describes an Unauthenticated Local File Inclusion in the Buzz Stone WordPress Theme (AncoraThemes Buzz Stone) up to version 1.0.2, caused by improper control of filenames in include/require statements. Public sources (NVD/Red Hat/PatchStack/Wordfence) confirm the issue and classify...

8.1CVSS5.9AI score0.00403EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•31 views

CVE-2026-27340 WordPress Apollo | Night Club, DJ Event WordPress Theme theme <= 1.3.1 - Local File Inclusion vulnerability

8.1CVSS0.00403EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•27 views

CVE-2026-27335 WordPress Ekoterra - NonProfit, Green Energy & Ecology Theme theme <= 1.0.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Ekoterra - NonProfit, Green Energy & Ecology Theme ekoterra allows PHP Local File Inclusion.This issue affects Ekoterra - NonProfit, Green Energy & Ecology Theme: fr...

8.1CVSS0.00403EPSS

Exploits0References1

ATTACKERKB•added 2026/03/05 5:53 a.m.•2 views

CVE-2026-27337

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Chronicle - Lifestyle Magazine & Blog WordPress Theme chronicle allows PHP Local File Inclusion.This issue affects Chronicle - Lifestyle Magazine & Blog WordPress...

5.9AI score0.00512EPSS

Exploits0References2

ATTACKERKB•added 2026/03/05 5:53 a.m.•2 views

CVE-2026-27336

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Consultor | Consulting, Accounting & Legal Counsel WordPress Theme consultor allows PHP Local File Inclusion.This issue affects Consultor | Consulting, Accounting &...

5.9AI score0.00403EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by