CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2135 matches found

Vulnrichment•added 2026/03/05 5:54 a.m.•1 views

CVE-2026-28054 WordPress Legal Stone theme <= 1.2.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Legal Stone legal-stone allows PHP Local File Inclusion.This issue affects Legal Stone: from n/a through = 1.2.11...

8.1CVSS5.9AI score0.00403EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:54 a.m.•3 views

CVE-2026-28056 WordPress MCKinney's Politics theme <= 1.2.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX MCKinney's Politics mckinney-politics allows PHP Local File Inclusion.This issue affects MCKinney's Politics: from n/a through = 1.2.8...

8.1CVSS5.9AI score0.00403EPSS

Exploits0References1

CVE•added 2026/03/05 5:54 a.m.•6 views

CVE-2026-28053

CVE-2026-28053 describes a PHP Local File Inclusion vulnerability in the WordPress theme ThemeREX Miller (christine-miller) caused by an Improper Control of Filename for Include/Require . Affected are Miller versions from unknown start up to and including 1.3.3 . The connected sources consistentl...

8.1CVSS5.9AI score0.00403EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:54 a.m.•2 views

CVE-2026-28052 WordPress Peter Mason theme <= 1.4.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Peter Mason petermason allows PHP Local File Inclusion.This issue affects Peter Mason: from n/a through = 1.4.5...

8.1CVSS5.9AI score0.00403EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:54 a.m.•28 views

CVE-2026-28046 WordPress Law Office theme <= 3.3.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Law Office law-office allows PHP Local File Inclusion.This issue affects Law Office: from n/a through = 3.3.0...

8.1CVSS0.00403EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:54 a.m.•2 views

CVE-2026-28045 WordPress N7 | Golf Club Sports & Events theme <= 2.16.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX N7 | Golf Club Sports & Events n7-golf-club allows PHP Local File Inclusion.This issue affects N7 | Golf Club Sports & Events: from n/a through = 2.16.0...

8.1CVSS5.9AI score0.00403EPSS

Exploits0References1

CVE•added 2026/03/05 5:54 a.m.•9 views

CVE-2026-28046

CVE-2026-28046 is a Local File Inclusion vulnerability in the WordPress WordPress Law Office theme (ThemeREX Law Office) affecting versions up to 3.3.0. The issue stems from improper control of filenames in PHP include/require, enabling potential local file access via a network-exposed vector. Th...

8.1CVSS5.9AI score0.00403EPSS

Exploits0References1

CVE•added 2026/03/05 5:54 a.m.•7 views

CVE-2026-28026

CVE-2026-28026 corresponds to a Local File Inclusion (LFI) in ThemeREX Motorix (WordPress/Motorix theme) due to improper control of the filename in PHP include/require statements. Affected: Motorix versions up to and including 1.6 (notation:

8.1CVSS5.9AI score0.00403EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:54 a.m.•28 views

CVE-2026-28021 WordPress Craftis theme <= 1.2.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Craftis craftis allows PHP Local File Inclusion.This issue affects Craftis: from n/a through = 1.2.8...

8.1CVSS0.00433EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:54 a.m.•29 views

CVE-2026-28018 WordPress Global Logistics theme <= 3.20 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Global Logistics globallogistics allows PHP Local File Inclusion.This issue affects Global Logistics: from n/a through = 3.20...

8.1CVSS0.00403EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:54 a.m.•29 views

CVE-2026-28013 WordPress Kratz theme <= 1.0.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Kratz kratz allows PHP Local File Inclusion.This issue affects Kratz: from n/a through = 1.0.12...

8.1CVSS0.00403EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:54 a.m.•30 views

CVE-2026-27992 WordPress Meals & Wheels theme <= 1.1.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Meals & Wheels meals-wheels allows PHP Local File Inclusion.This issue affects Meals & Wheels: from n/a through = 1.1.12...

8.1CVSS0.00433EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:54 a.m.•3 views

CVE-2026-27989 WordPress Quanzo theme <= 1.0.10 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Quanzo quanzo allows PHP Local File Inclusion.This issue affects Quanzo: from n/a through = 1.0.10...

8.1CVSS5.8AI score0.00403EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:54 a.m.•31 views

CVE-2026-27987 WordPress The Qlean theme <= 2.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX The Qlean the-qlean allows PHP Local File Inclusion.This issue affects The Qlean: from n/a through = 2.12...

8.1CVSS0.00415EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:54 a.m.•2 views

CVE-2026-27987 WordPress The Qlean theme <= 2.12 - Local File Inclusion vulnerability

5.8AI score0.00415EPSS

Exploits0References1

CVE•added 2026/03/05 5:54 a.m.•6 views

CVE-2026-27987

CVE-2026-27987 concerns WordPress ThemeREX The Qlean (the-qlean)

8.1CVSS5.9AI score0.00415EPSS

Exploits0References1

CVE•added 2026/03/05 5:54 a.m.•6 views

CVE-2026-27986

CVE-2026-27986 is a Local File Inclusion (LFI) vulnerability in the WordPress ThemeOsTende OSTende by ThemeREX. Affected: OsTende versions up to and including 1.4.3. Root cause: improper filename handling for PHP include/require statements (PHP Remote File Inclusion risk turned into Local File In...

8.1CVSS5.9AI score0.00403EPSS

Exploits0References1

CVE•added 2026/03/05 5:54 a.m.•6 views

CVE-2026-27437

CVE-2026-27437 is a PHP Object Injection vulnerability in the ThemeREX Tennis Club WordPress theme (tennis-sportclub), arising from deserialization of untrusted data that enables object injection. Public records in NVD, Red Hat, CVE listings, and PatchStack describe it as deserialization-based, a...

9.8CVSS5.9AI score0.00375EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•2 views

CVE-2026-27383 WordPress Metro theme <= 2.13 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Metro metro allows PHP Local File Inclusion.This issue affects Metro: from n/a through = 2.13...

8.1CVSS5.8AI score0.00512EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•5 views

CVE-2026-27383

CVE-2026-27383 affects RadiusTheme Metro WordPress theme (

8.1CVSS5.9AI score0.00512EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by