CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

2135 matches found

Cvelist•added 2026/03/05 5:53 a.m.•26 views

CVE-2026-27097 WordPress CasaMia | Property Rental Real Estate WordPress Theme theme <= 1.1.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes CasaMia | Property Rental Real Estate WordPress Theme casamia allows PHP Local File Inclusion.This issue affects CasaMia | Property Rental Real Estate WordPress Them...

8.1CVSS0.00512EPSS

Exploits1References1

Cvelist•added 2026/03/05 5:53 a.m.•31 views

CVE-2026-27334 WordPress Alchemists theme <= 4.6.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in danfisher Alchemists alchemists allows PHP Local File Inclusion.This issue affects Alchemists: from n/a through = 4.6.0...

8.1CVSS0.00403EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•1 views

CVE-2026-27098 WordPress Au Pair Agency - Babysitting & Nanny Theme theme <= 1.2.2 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in axiomthemes Au Pair Agency - Babysitting & Nanny Theme au-pair-agency allows Object Injection.This issue affects Au Pair Agency - Babysitting & Nanny Theme: from n/a through = 1.2.2...

8.1CVSS5.8AI score0.00308EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•27 views

CVE-2026-27098 WordPress Au Pair Agency - Babysitting & Nanny Theme theme <= 1.2.2 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in axiomthemes Au Pair Agency - Babysitting & Nanny Theme au-pair-agency allows Object Injection.This issue affects Au Pair Agency - Babysitting & Nanny Theme: from n/a through = 1.2.2...

8.1CVSS0.00308EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•3 views

CVE-2026-27326 WordPress AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme theme <= 1.2.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme window-ac-services allows PHP Local File Inclusion.This issue affects AC Services | HVAC, Air...

8.1CVSS5.8AI score0.00403EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•25 views

CVE-2026-27326 WordPress AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme theme <= 1.2.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme window-ac-services allows PHP Local File Inclusion.This issue affects AC Services | HVAC, Air...

8.1CVSS0.00403EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•8 views

CVE-2026-27098

CVE-2026-27098 affects the WordPress theme Au Pair Agency - Babysitting & Nanny Theme (

8.1CVSS5.9AI score0.00308EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•6 views

CVE-2026-27326

CVE-2026-27326 affects the AC Services | HVAC WordPress theme (window-ac-services), with Improper Handling of Include/Require in PHP leading to Local File Inclusion. Public reports (Wordfence) indicate the issue exists for theme versions up to 1.2.5 and is currently Unpatched. Affected component ...

8.1CVSS5.9AI score0.00403EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•5 views

CVE-2026-27334

CVE-2026-27334: Local File Inclusion in WordPress Alchemists theme (

8.1CVSS5.9AI score0.00403EPSS

Exploits0References1

ATTACKERKB•added 2026/03/05 5:53 a.m.•10 views

CVE-2026-27097

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes CasaMia | Property Rental Real Estate WordPress Theme casamia allows PHP Local File Inclusion.This issue affects CasaMia | Property Rental Real Estate WordPress Them...

5.9AI score0.00512EPSS

Exploits1References2

ATTACKERKB•added 2026/03/05 5:53 a.m.•11 views

CVE-2026-27326

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme window-ac-services allows PHP Local File Inclusion.This issue affects AC Services | HVAC, Air...

5.9AI score0.00403EPSS

Exploits0References2

Cvelist•added 2026/03/05 5:53 a.m.•27 views

CVE-2026-23801 WordPress The Issue theme <= 1.6.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes The Issue theissue allows PHP Local File Inclusion.This issue affects The Issue: from n/a through = 1.6.11...

8.1CVSS0.00504EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•10 views

CVE-2026-23801

CVE-2026-23801 affects The Issue WordPress theme (<= 1.6.11): Local File Inclusion via improper control of filenames in Include/Require (PHP Remote File Inclusion). CVSS v3.1 base score 8.1 (HIGH, network, no user interaction). Red Hat/NVD/patchstack entries confirm the issue and note the fix;...

8.1CVSS5.9AI score0.00504EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•3 views

CVE-2026-23801 WordPress The Issue theme <= 1.6.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes The Issue theissue allows PHP Local File Inclusion.This issue affects The Issue: from n/a through = 1.6.11...

8.1CVSS5.8AI score0.00504EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•8 views

CVE-2026-22497

CVE-2026-22497 describes a Deserialization of Untrusted Data vulnerability in the WordPress theme Jardi (AncoraThemes) up to version 1.7.2. The connected documents confirm the issue is a PHP Object Injection flaw triggered by untrusted data deserialization, affecting Jardi versions

9.8CVSS5.9AI score0.0051EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•0 views

CVE-2026-22465 WordPress BuddyApp theme <= 1.9.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SeventhQueen BuddyApp buddyapp allows Reflected XSS.This issue affects BuddyApp: from n/a through = 1.9.2...

7.1CVSS5.8AI score0.00237EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•3 views

CVE-2026-22454 WordPress Solaris theme <= 2.5 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeREX Solaris solaris allows Object Injection.This issue affects Solaris: from n/a through = 2.5...

5.8AI score0.0051EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•6 views

CVE-2026-22453

CVE-2026-22453 is a deserialization-based PHP Object Injection vulnerability in the ThemeREX Pets Club WordPress theme (Pets Club) affecting versions up to 2.3. The issue arises from deserializing untrusted data, enabling object injection. The vulnerability is rated critical (CVSS 3.1 9.8) with n...

9.8CVSS5.9AI score0.0051EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•5 views

CVE-2026-22454

CVE-2026-22454 describes a Deserialization of Untrusted Data vulnerability in ThemeREX Solaris WordPress theme, enabling PHP Object Injection. Affected software is Solaris versions n/a through 2.5. The CVE entry indicates a high-impact issue with a CVSS v3.1 base score of 9.8 (Network, Low comple...

9.8CVSS5.9AI score0.0051EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•26 views

CVE-2026-22434

CVE-2026-22434 details a Local File Inclusion in Crown Art (AncoraThemes Crown Art) WordPress theme. Public sources confirm improper control of filename for include/require statements, leading to PHP Local File Inclusion on Crown Art versions n/a–

8.1CVSS5.9AI score0.00504EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by