Total
374 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-32294 | 1 Wordpress | 1 Wordpress | 2025-07-13 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Oxpitan allows PHP Local File Inclusion. This issue affects Oxpitan: from n/a through 1.3.1. | ||||
| CVE-2025-30814 | 2 Radiustheme, Wordpress | 2 The Post Grid, Wordpress | 2025-07-13 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme The Post Grid allows PHP Local File Inclusion. This issue affects The Post Grid: from n/a through 7.7.17. | ||||
| CVE-2025-31432 | 2 Chop-chop, Wordpress | 2 Pop-up Chop Chop, Wordpress | 2025-07-13 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Chop Chop Pop-Up Chop Chop allows PHP Local File Inclusion. This issue affects Pop-Up Chop Chop: from n/a through 2.1.7. | ||||
| CVE-2025-28916 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 9.8 Critical |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound Docpro allows PHP Local File Inclusion. This issue affects Docpro: from n/a through 2.0.1. | ||||
| CVE-2024-12563 | 2 Wordpress, Wp Sharks | 2 Wordpress, S2member Pro | 2025-07-12 | 8.8 High |
| The s2Member Pro plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 250214 via the 'template' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution. | ||||
| CVE-2024-54270 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axeptio Axeptio allows PHP Local File Inclusion.This issue affects Axeptio: from n/a through 2.5.3. | ||||
| CVE-2025-32151 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Sven Lehnert BuddyForms allows PHP Local File Inclusion. This issue affects BuddyForms: from n/a through 2.8.15. | ||||
| CVE-2025-31014 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ho3einie Material Dashboard allows PHP Local File Inclusion. This issue affects Material Dashboard: from n/a through 1.4.5. | ||||
| CVE-2025-26957 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Deetronix Affiliate Coupons allows PHP Local File Inclusion. This issue affects Affiliate Coupons: from n/a through 1.7.3. | ||||
| CVE-2025-46468 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 9.8 Critical |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WPFable Fable Extra allows PHP Local File Inclusion. This issue affects Fable Extra: from n/a through 1.0.6. | ||||
| CVE-2025-31064 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Vizeon - Business Consulting allows PHP Local File Inclusion. This issue affects Vizeon - Business Consulting: from n/a through 1.1.7. | ||||
| CVE-2025-32150 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Rameez Iqbal Real Estate Manager allows PHP Local File Inclusion. This issue affects Real Estate Manager: from n/a through 7.3. | ||||
| CVE-2025-22656 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Oscar Alvarez Cookie Monster allows PHP Local File Inclusion. This issue affects Cookie Monster: from n/a through 1.2.2. | ||||
| CVE-2025-39490 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Backpack Traveler allows PHP Local File Inclusion. This issue affects Backpack Traveler: from n/a through 2.7. | ||||
| CVE-2025-27272 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in vinagecko VG PostCarousel allows PHP Local File Inclusion. This issue affects VG PostCarousel: from n/a through 1.1. | ||||
| CVE-2025-26889 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound hockeydata LOS allows PHP Local File Inclusion. This issue affects hockeydata LOS: from n/a through 1.2.4. | ||||
| CVE-2025-23937 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound LinkedIn Lite allows PHP Local File Inclusion. This issue affects LinkedIn Lite: from n/a through 1.0. | ||||
| CVE-2025-32654 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Stylemix Motors allows PHP Local File Inclusion. This issue affects Motors: from n/a through 1.4.65. | ||||
| CVE-2025-31632 | 1 Wordpress | 1 Wordpress | 2025-07-12 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SpyroPress La Boom allows PHP Local File Inclusion. This issue affects La Boom: from n/a through 2.7. | ||||
| CVE-2025-39506 | 2 Nasatheme, Wordpress | 2 Nasa Core, Wordpress | 2025-07-12 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NasaTheme Nasa Core allows PHP Local File Inclusion. This issue affects Nasa Core: from n/a through 6.3.2. | ||||