CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2103 matches found

Patchstack•added 2025/12/31 12:0 a.m.•7 views

WordPress Golo theme <= 1.7.0 - Authentication Bypass to Account Takeover vulnerability

Authentication Bypass to Account Takeover vulnerability discovered by Foxyyy in WordPress Theme Golo versions = 1.7.0...

9.8CVSS5.5AI score0.00583EPSS

Exploits0References1Affected Software1

EUVD•added 2025/12/30 12:30 p.m.•2 views

EUVD-2025-205749

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Cinerama - A WordPress Theme for Movie Studios and Filmmakers cinerama allows PHP Local File Inclusion.This issue affects Cinerama - A WordPress Theme for Movie Studi...

9.8CVSS6.6AI score0.00118EPSS

Exploits0References2

Patchstack•added 2025/12/30 12:13 p.m.•3 views

WordPress Electrician - Electrical Service WordPress theme <= 5.6 - Server Side Request Forgery (SSRF) vulnerability

WordPress Electrician - Electrical Service WordPress theme = 5.6 - Server Side Request Forgery SSRF vulnerability discovered by Bonds in WordPress Theme Electrician - Electrical Service WordPress versions = 5.6...

5.4CVSS7.1AI score0.00049EPSS

Exploits0Affected Software1

NVD•added 2025/12/30 11:15 a.m.•1 views

CVE-2025-68987

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Cinerama cinerama allows PHP Local File Inclusion.This issue affects Cinerama: from n/a through = 2.9...

7.5CVSS0.00118EPSS

Exploits0References1

Cvelist•added 2025/12/30 10:47 a.m.•24 views

CVE-2025-68987 WordPress Cinerama theme <= 2.9 - Local File Inclusion vulnerability

7.5CVSS0.00118EPSS

Exploits0References1

Cvelist•added 2025/12/30 10:47 a.m.•24 views

CVE-2025-68983 WordPress Greenmart theme <= 4.2.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Greenmart greenmart allows PHP Local File Inclusion.This issue affects Greenmart: from n/a through = 4.2.11...

7.5CVSS0.00103EPSS

Exploits0References1

CVE•added 2025/12/30 10:47 a.m.•8 views

CVE-2025-68987

CVE-2025-68987 is tied to the WordPress theme Cinerama (Branda? no, Cinerama theme) , described as an authenticated local file inclusion (LFI) vulnerability. The Wordfence entry specifies Cinerama

7.5CVSS5.9AI score0.00118EPSS

Exploits0References1

Positive Technologies•added 2025/12/30 12:0 a.m.•2 views

PT-2025-53876

Name of the Vulnerable Software and Affected Versions Edge-Themes Cinerama - A WordPress Theme for Movie Studios and Filmmakers versions through 2.4 Description The software contains a PHP Local File Inclusion issue due to improper control of filename for include/require statements. This allows f...

9.8CVSS6.5AI score0.00118EPSS

Exploits0References4

Vulnrichment•added 2025/12/29 11:18 p.m.•1 views

CVE-2023-32238 WordPress TheGem theme < 5.8.1.1 - Broken Access Control vulnerability

Vulnerability in CodexThemes TheGem Elementor, CodexThemes TheGem WPBakery.This issue affects TheGem Elementor: from n/a before 5.8.1.1; TheGem WPBakery: from n/a before 5.8.1.1...

5.4CVSS6.5AI score0.00027EPSS

Exploits0References1

Patchstack•added 2025/12/27 7:21 p.m.•2 views

WordPress Zota theme <= 1.3.14 - Local File Inclusion vulnerability

Software : Zota Type : Theme Vulnerable versions : = 1.3.14 Fixed in : 1.3.15 OWASP Top 10 : A3: Injection Classification : Local File Inclusion CVE ID : CVE-2025-68537 Patchstack priority : Low CVSS severity : 7.5 Required privilege : Contributor Developer : Claim ownership PSID : 058fe19104cc...

9.8CVSS6.5AI score0.00109EPSS

Exploits0Affected Software1

Cvelist•added 2025/12/18 7:22 a.m.•18 views

CVE-2025-64376 WordPress ListingPro theme < 2.9.10 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CridioStudio ListingPro listingpro allows Reflected XSS.This issue affects ListingPro: from n/a through 2.9.10...

7.1CVSS0.00029EPSS

Exploits0References1

CVE•added 2025/12/18 7:22 a.m.•7 views

CVE-2025-64205

CVE-2025-64205 affects WordPress Jannah theme versions up to and including 7.6.0. The issue is an improper control of filename for include/require, enabling PHP Local File Inclusion (LFI). The CVSS 3.1 base score is 8.2 (HIGH) with network attack vector, low attack complexity, no privileges requi...

8.1CVSS6.7AI score0.0011EPSS

Exploits0References1

Vulnrichment•added 2025/12/18 7:22 a.m.•4 views

CVE-2025-64188 WordPress Soledad theme <= 8.6.9 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in PenciDesign Soledad soledad allows Privilege Escalation.This issue affects Soledad: from n/a through = 8.6.9...

9.8CVSS6.6AI score0.00059EPSS

Exploits0References1

CVE•added 2025/12/18 7:22 a.m.•4 views

CVE-2025-63039

CVE-2025-63039 corresponds to a Missing Authorization (Broken Access Control) vulnerability in the WordPress ListingPro theme (ListingPro: ≤2.9.9). Red Hat and ENISA records corroborate the issue affecting ListingPro versions up to 2.9.9 due to incorrectly configured access control security level...

6.5CVSS6.6AI score0.00041EPSS

Exploits0References1

Vulnrichment•added 2025/12/18 7:22 a.m.•1 views

CVE-2025-60056 WordPress Winger theme <= 1.0.16 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Winger winger allows PHP Local File Inclusion.This issue affects Winger: from n/a through = 1.0.16...

8.1CVSS6.7AI score0.0011EPSS

Exploits0References1

Vulnrichment•added 2025/12/18 7:21 a.m.•2 views

CVE-2025-59134 WordPress Sale! Immigration law, Visa services support, Migration Agent Consulting theme <= 1.5.8 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Jthemes Sale! Immigration law, Visa services support, Migration Agent Consulting immiex allows Privilege Escalation.This issue affects Sale! Immigration law, Visa services support, Migration Agent Consulting: from n/a through = 1.5.8...

8.8CVSS6.6AI score0.00056EPSS

Exploits0References1

Vulnrichment•added 2025/12/18 7:21 a.m.•1 views

CVE-2025-58943 WordPress Agricola theme <= 1.1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Agricola agricola allows PHP Local File Inclusion.This issue affects Agricola: from n/a through = 1.1.0...

8.1CVSS6.7AI score0.0011EPSS

Exploits0References1

Cvelist•added 2025/12/18 7:21 a.m.•21 views

CVE-2025-58931 WordPress Palatio theme <= 1.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Palatio palatio allows PHP Local File Inclusion.This issue affects Palatio: from n/a through = 1.6...

8.1CVSS0.0011EPSS

Exploits0References1

CVE•added 2025/12/18 7:21 a.m.•9 views

CVE-2025-58931

The CVE-2025-58931 entry corresponds to a Local File Inclusion in the WordPress Palatio theme (versions up to 1.6). Affected component: Palatio PHP code; root cause: improper control of filename for include/require statements, enabling PHP Local File Inclusion. Impact: potential disclosure or man...

8.1CVSS6.7AI score0.0011EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/12/18 7:21 a.m.•20 views

CVE-2025-58935 WordPress Lunna theme <= 1.15 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Lunna lunna allows PHP Local File Inclusion.This issue affects Lunna: from n/a through = 1.15...

8.1CVSS0.00126EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by