264022 matches found
CVE-2025-69369 WordPress Racquet theme <= 1.12.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Racquet allows PHP Local File Inclusion. This issue affects Racquet: from n/a through 1.12.0...
CVE-2025-69369 WordPress Racquet theme <= 1.12.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Racquet allows PHP Local File Inclusion. This issue affects Racquet: from n/a through 1.12.0...
CVE-2025-69369
CVE-2025-69369 is a Local File Inclusion vulnerability in the WordPress theme Racquet (Racquet
WordPress Visual Link Preview plugin <= 2.4.1 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Aliefis in WordPress Plugin Visual Link Preview versions = 2.4.1...
CVE-2025-58897 WordPress Fermentio theme <= 1.5.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Fermentio allows PHP Local File Inclusion. This issue affects Fermentio: from n/a through 1.5.0...
CVE-2025-58897
The CVE-2025-58897 entry concerns the WordPress Fermentio theme (
CVE-2025-58897 WordPress Fermentio theme <= 1.5.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Fermentio allows PHP Local File Inclusion. This issue affects Fermentio: from n/a through 1.5.0...
CVE-2025-58707 WordPress Spin theme <= 1.8 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Spin allows PHP Local File Inclusion. This issue affects Spin: from n/a through 1.8...
CVE-2025-58707 WordPress Spin theme <= 1.8 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Spin allows PHP Local File Inclusion. This issue affects Spin: from n/a through 1.8...
CVE-2025-58707
The CVE-2025-58707 issue is a Local File Inclusion vulnerability in the WordPress Spin theme (Spin) versions up to 1.8. It arises from improper handling of filenames for include/require statements in a PHP program, enabling PHP LFI. Affected product: Axiomthemes Spin (WordPress Spin theme
WordPress King Addons for Elementor plugin <= 51.1.62 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by thevietronin in WordPress Plugin King Addons for Elementor versions = 51.1.62...
CVE-2026-39555
The CVE-2026-39555 entry concerns the WordPress Askka theme (versions up to 1.3.1). The vulnerability is a PHP Object Injection via a deserialization of untrusted data in the Askka plugin/theme, allowing object injection. Affected component: WordPress Askka theme
CVE-2026-39555 WordPress Askka theme <= 1.3.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection. This issue affects Askka: from n/a through 1.3.1...
CVE-2026-39555 WordPress Askka theme <= 1.3.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection. This issue affects Askka: from n/a through 1.3.1...
WordPress Montonio for WooCommerce plugin <= 10.1.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Niv Kochan in WordPress Plugin Montonio for WooCommerce versions = 10.1.2...
WordPress GamiPress plugin <= 7.8.7 - SQL Injection vulnerability
SQL Injection vulnerability discovered by kai63001 in WordPress Plugin GamiPress versions = 7.8.7...
WordPress JetSmartFilters plugin <= 3.8.1 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Austin Ginder in WordPress Plugin JetSmartFilters versions = 3.8.1...
CVE-2026-39553 WordPress WaveRide theme <= 1.4 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes WaveRide allows PHP Local File Inclusion. This issue affects WaveRide: from n/a through 1.4...
CVE-2026-39553 WordPress WaveRide theme <= 1.4 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes WaveRide allows PHP Local File Inclusion. This issue affects WaveRide: from n/a through 1.4...
CVE-2026-39553
CVE-2026-39553 concerns WordPress WaveRide theme versions up to 1.4, due to improper control of the filename for include/require in a PHP program, enabling Local File Inclusion (LFI). Affected software: WaveRide theme (Select-Themes) with PHP-based inclusion vulnerability. Root cause: inadequate ...