CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

2100 matches found

NVD•added 2026/03/05 6:16 a.m.•2 views

CVE-2026-27326

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme window-ac-services allows PHP Local File Inclusion.This issue affects AC Services | HVAC, Air...

8.1CVSS0.00172EPSS

Exploits0References1

CVE•added 2026/03/05 5:54 a.m.•7 views

CVE-2026-28137

CVE-2026-28137 is a reflected Cross-Site Scripting vulnerability in the QuanticaLabs MediCenter - Health Medical Clinic WordPress Theme (Medicenter) up to version 14.9. Connected sources (Red Hat, NVD, CVE/CVE List, PatchStack, Patch tooling) confirm the issue as Improper Neutralization of Input ...

7.1CVSS5.9AI score0.00045EPSS

Exploits0References1

CVE•added 2026/03/05 5:54 a.m.•6 views

CVE-2026-28129

CVE-2026-28129: Little Birdies WordPress theme (axiomthemes)

8.1CVSS5.9AI score0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:54 a.m.•32 views

CVE-2026-28121 WordPress Anderson theme <= 1.4.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Anderson andersonclinic allows PHP Local File Inclusion.This issue affects Anderson: from n/a through = 1.4.2...

8.1CVSS0.00172EPSS

Exploits0References1

CVE•added 2026/03/05 5:54 a.m.•6 views

CVE-2026-28121

CVE-2026-28121 : Local File Inclusion in the WordPress theme Anderson (Andersonclinic) <= 1.4.2 due to improper control of include/require filename. Root cause is improper filename handling for PHP include/require, enabling potential local file inclusion. Affected software: Anderson theme for ...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:54 a.m.•26 views

CVE-2026-28120 WordPress Dr.Patterson theme <= 1.3.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Dr.Patterson dr-patterson allows PHP Local File Inclusion.This issue affects Dr.Patterson: from n/a through = 1.3.2...

8.1CVSS0.00172EPSS

Exploits0References1

CVE•added 2026/03/05 5:54 a.m.•5 views

CVE-2026-28120

CVE-2026-28120 is a local file inclusion vulnerability in ThemeREX Dr.Patterson dr-patterson (WordPress theme), caused by improper control of the filename in include/require statements. Affected: Dr.Patterson versions up to and including 1.3.2. The entry lists a high impact (CVSS 3.1: 8.1, HIGH) ...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:54 a.m.•3 views

CVE-2026-28098 WordPress Save Life theme <= 1.2.13 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Save Life save-life allows PHP Local File Inclusion.This issue affects Save Life: from n/a through = 1.2.13...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References1

CVE•added 2026/03/05 5:54 a.m.•5 views

CVE-2026-28098

CVE-2026-28098 is a Local File Inclusion vulnerability in the ThemeREX Save Life WordPress theme (versions up to 1.2.13). The issue arises from improper control of the filename used in PHP include/require statements, allowing an attacker to include local files. Public documentation consistently n...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:54 a.m.•27 views

CVE-2026-28096 WordPress WealthCo theme <= 2.18 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX WealthCo wealthco allows PHP Local File Inclusion.This issue affects WealthCo: from n/a through = 2.18...

8.1CVSS0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:54 a.m.•23 views

CVE-2026-28076 WordPress Guff theme <= 1.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Frenify Guff guff allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Guff: from n/a through = 1.0.1...

7.5CVSS0.00047EPSS

Exploits0References1

CVE•added 2026/03/05 5:54 a.m.•6 views

CVE-2026-28074

CVE-2026-28074 describes a Deserialization of Untrusted Data vulnerability in ThemeREX Pizza House pizzahouse (WordPress theme) affecting versions from n/a through

9.8CVSS5.9AI score0.00061EPSS

Exploits0References1

CVE•added 2026/03/05 5:54 a.m.•6 views

CVE-2026-28068

CVE-2026-28068 affects the WordPress Rhythmo theme (Rhythmo) versions

8.1CVSS5.9AI score0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:54 a.m.•2 views

CVE-2026-28068 WordPress Rhythmo theme <= 1.3.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Rhythmo rhythmo allows PHP Local File Inclusion.This issue affects Rhythmo: from n/a through = 1.3.4...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References1

CVE•added 2026/03/05 5:54 a.m.•7 views

CVE-2026-28067

CVE-2026-28067 describes an LFI (Local File Inclusion) in the WordPress ThemeREX Bassein (bassein) theme. Affected software: ThemeREX Bassein bassein, version range from n/a up to and including 1.0.15. Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Re...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:54 a.m.•1 views

CVE-2026-28065 WordPress Eject theme <= 2.17 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Eject eject allows PHP Local File Inclusion.This issue affects Eject: from n/a through = 2.17...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:54 a.m.•26 views

CVE-2026-28063 WordPress Asia Garden theme <= 1.3.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Asia Garden asia-garden allows PHP Local File Inclusion.This issue affects Asia Garden: from n/a through = 1.3.1...

8.1CVSS0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:54 a.m.•27 views

CVE-2026-28061 WordPress Tiger Claw theme <= 1.1.14 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Tiger Claw tiger-claw allows PHP Local File Inclusion.This issue affects Tiger Claw: from n/a through = 1.1.14...

8.1CVSS0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:54 a.m.•26 views

CVE-2026-28059 WordPress Dermatology Clinic theme <= 1.4.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Dermatology Clinic dermatology-clinic allows PHP Local File Inclusion.This issue affects Dermatology Clinic: from n/a through = 1.4.3...

8.1CVSS0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:54 a.m.•1 views

CVE-2026-28062 WordPress Happy Baby theme <= 1.2.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Happy Baby happy-baby allows PHP Local File Inclusion.This issue affects Happy Baby: from n/a through = 1.2.12...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by