CVE Daily – Remote File Inclusion (RFI) https://cvedaily.com/pages/tags/rfi.html CVE Daily – Remote File Inclusion (RFI) en Wed, 03 Jun 2026 21:26:34 +0000 [High] CVE-2026-39553 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-39553 https://nvd.nist.gov/vuln/detail/CVE-2026-39553 Tue, 02 Jun 2026 14:16:52 +0000 High CVE-2026-39553

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes WaveRide allows PHP Local File Inclusion. This issue affects WaveRide: from n/a through 1.4.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-39552 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-39552 https://nvd.nist.gov/vuln/detail/CVE-2026-39552 Tue, 02 Jun 2026 14:16:52 +0000 High CVE-2026-39552

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Code Supply Co. Blueprint allows PHP Local File Inclusion. This issue affects Blueprint: from n/a before 1.1.5.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2025-69369 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2025-69369 https://nvd.nist.gov/vuln/detail/CVE-2025-69369 Tue, 02 Jun 2026 14:16:37 +0000 High CVE-2025-69369

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Axiomthemes Racquet allows PHP Local File Inclusion. This issue affects Racquet: from n/a through 1.12.0.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2025-68886 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2025-68886 https://nvd.nist.gov/vuln/detail/CVE-2025-68886 Tue, 02 Jun 2026 14:16:37 +0000 High CVE-2025-68886

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in androThemes Cookiteer allows PHP Local File Inclusion. This issue affects Cookiteer: from n/a through 1.4.8.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2025-58897 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2025-58897 https://nvd.nist.gov/vuln/detail/CVE-2025-58897 Tue, 02 Jun 2026 14:16:35 +0000 High CVE-2025-58897

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Axiomthemes Fermentio allows PHP Local File Inclusion. This issue affects Fermentio: from n/a through 1.5.0.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2025-58707 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2025-58707 https://nvd.nist.gov/vuln/detail/CVE-2025-58707 Tue, 02 Jun 2026 14:16:35 +0000 High CVE-2025-58707

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Axiomthemes Spin allows PHP Local File Inclusion. This issue affects Spin: from n/a through 1.8.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2025-58705 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2025-58705 https://nvd.nist.gov/vuln/detail/CVE-2025-58705 Tue, 02 Jun 2026 12:16:16 +0000 High CVE-2025-58705

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Axiomthemes Crafti allows PHP Local File Inclusion. This issue affects Crafti: from n/a through 1.12.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2025-58024 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2025-58024 https://nvd.nist.gov/vuln/detail/CVE-2025-58024 Tue, 02 Jun 2026 12:16:16 +0000 High CVE-2025-58024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in UnboundStudio Accordion FAQ allows PHP Local File Inclusion. This issue affects Accordion FAQ: from n/a through 2.2.1.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2025-53440 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2025-53440 https://nvd.nist.gov/vuln/detail/CVE-2025-53440 Tue, 02 Jun 2026 12:16:16 +0000 High CVE-2025-53440

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Axiomthemes Confidant allows PHP Local File Inclusion. This issue affects Confidant: from n/a through 1.4.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-48972 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-48972 https://nvd.nist.gov/vuln/detail/CVE-2026-48972 Wed, 27 May 2026 14:17:33 +0000 High CVE-2026-48972

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SeedProd LLC SeedProd Pro allows PHP Local File Inclusion. This issue affects SeedProd Pro: from n/a before 6.19.5.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-39661 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-39661 https://nvd.nist.gov/vuln/detail/CVE-2026-39661 Tue, 26 May 2026 09:16:20 +0000 High CVE-2026-39661

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Magentech SW Core allows PHP Local File Inclusion. This issue affects SW Core: from n/a through 1.7.18.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2018-25329 – WordPress Plugin WP with Spritz 1.0 contains a remote file inclusion vulnerabili... https://nvd.nist.gov/vuln/detail/CVE-2018-25329 https://nvd.nist.gov/vuln/detail/CVE-2018-25329 Sun, 17 May 2026 13:16:44 +0000 High CVE-2018-25329

WordPress Plugin WP with Spritz 1.0 contains a remote file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting file paths into the url parameter. Attackers can send GET requests to wp.spritz.content.filter.php with malicious url values to access sensitive files like system configuration and credentials.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2025-5804 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2025-5804 https://nvd.nist.gov/vuln/detail/CVE-2025-5804 Fri, 10 Apr 2026 14:16:25 +0000 High CVE-2025-5804

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Case Themes Case Theme User case-theme-user allows PHP Local File Inclusion.This issue affects Case Theme User: from n/a through < 1.0.4.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2025-58913 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2025-58913 https://nvd.nist.gov/vuln/detail/CVE-2025-58913 Fri, 10 Apr 2026 14:16:25 +0000 High CVE-2025-58913

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CactusThemes VideoPro videopro allows PHP Local File Inclusion.This issue affects VideoPro: from n/a through <= 2.3.8.1.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-39684 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-39684 https://nvd.nist.gov/vuln/detail/CVE-2026-39684 Wed, 08 Apr 2026 09:16:40 +0000 High CVE-2026-39684

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in UnTheme OrganicFood organicfood allows PHP Local File Inclusion.This issue affects OrganicFood: from n/a through <= 3.6.4.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-39681 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-39681 https://nvd.nist.gov/vuln/detail/CVE-2026-39681 Wed, 08 Apr 2026 09:16:39 +0000 High CVE-2026-39681

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme Homeo homeo allows PHP Local File Inclusion.This issue affects Homeo: from n/a through <= 1.2.59.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-39679 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-39679 https://nvd.nist.gov/vuln/detail/CVE-2026-39679 Wed, 08 Apr 2026 09:16:39 +0000 High CVE-2026-39679

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme Freeio freeio allows PHP Local File Inclusion.This issue affects Freeio: from n/a through <= 1.3.21.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-39677 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-39677 https://nvd.nist.gov/vuln/detail/CVE-2026-39677 Wed, 08 Apr 2026 09:16:39 +0000 High CVE-2026-39677

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Creatives_Planet Emphires emphires allows PHP Local File Inclusion.This issue affects Emphires: from n/a through <= 3.9.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-39623 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-39623 https://nvd.nist.gov/vuln/detail/CVE-2026-39623 Wed, 08 Apr 2026 09:16:32 +0000 High CVE-2026-39623

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in kutethemes Biolife biolife allows PHP Local File Inclusion.This issue affects Biolife: from n/a through <= 3.2.3.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-39613 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-39613 https://nvd.nist.gov/vuln/detail/CVE-2026-39613 Wed, 08 Apr 2026 09:16:31 +0000 High CVE-2026-39613

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through <= 2.3.3.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-39611 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-39611 https://nvd.nist.gov/vuln/detail/CVE-2026-39611 Wed, 08 Apr 2026 09:16:30 +0000 High CVE-2026-39611

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in kutethemes KuteShop kuteshop allows PHP Local File Inclusion.This issue affects KuteShop: from n/a through <= 4.2.9.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-39544 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-39544 https://nvd.nist.gov/vuln/detail/CVE-2026-39544 Wed, 08 Apr 2026 09:16:27 +0000 High CVE-2026-39544

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themeStek LabtechCO labtechco allows PHP Local File Inclusion.This issue affects LabtechCO: from n/a through <= 8.3.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-39538 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-39538 https://nvd.nist.gov/vuln/detail/CVE-2026-39538 Wed, 08 Apr 2026 09:16:26 +0000 High CVE-2026-39538

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Mikado Core mikado-core allows PHP Local File Inclusion.This issue affects Mikado Core: from n/a through <= 1.6.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-32537 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-32537 https://nvd.nist.gov/vuln/detail/CVE-2026-32537 Wed, 25 Mar 2026 17:17:07 +0000 High CVE-2026-32537

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nK Visual Portfolio, Photo Gallery & Post Grid visual-portfolio allows PHP Local File Inclusion.This issue affects Visual Portfolio, Photo Gallery & Post Grid: from n/a through <= 3.5.1.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-32531 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-32531 https://nvd.nist.gov/vuln/detail/CVE-2026-32531 Wed, 25 Mar 2026 17:17:06 +0000 High CVE-2026-32531

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Kunco kunco allows PHP Local File Inclusion.This issue affects Kunco: from n/a through < 1.4.5.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-32505 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-32505 https://nvd.nist.gov/vuln/detail/CVE-2026-32505 Wed, 25 Mar 2026 17:17:02 +0000 High CVE-2026-32505

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CreativeWS Kiddy kiddy allows PHP Local File Inclusion.This issue affects Kiddy: from n/a through <= 2.0.8.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-32504 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-32504 https://nvd.nist.gov/vuln/detail/CVE-2026-32504 Wed, 25 Mar 2026 17:17:02 +0000 High CVE-2026-32504

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CreativeWS VintWood vintwood allows PHP Local File Inclusion.This issue affects VintWood: from n/a through <= 1.1.8.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-32503 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-32503 https://nvd.nist.gov/vuln/detail/CVE-2026-32503 Wed, 25 Mar 2026 17:17:02 +0000 High CVE-2026-32503

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CreativeWS Trendustry trendustry allows PHP Local File Inclusion.This issue affects Trendustry: from n/a through <= 1.1.4.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-32500 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-32500 https://nvd.nist.gov/vuln/detail/CVE-2026-32500 Wed, 25 Mar 2026 17:17:01 +0000 High CVE-2026-32500

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CreativeWS MetaMax metamax allows PHP Local File Inclusion.This issue affects MetaMax: from n/a through <= 1.1.4.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-27081 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-27081 https://nvd.nist.gov/vuln/detail/CVE-2026-27081 Wed, 25 Mar 2026 17:16:55 +0000 High CVE-2026-27081

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Rosebud rosebud allows PHP Local File Inclusion.This issue affects Rosebud: from n/a through <= 1.4.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-27080 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-27080 https://nvd.nist.gov/vuln/detail/CVE-2026-27080 Wed, 25 Mar 2026 17:16:55 +0000 High CVE-2026-27080

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Deston deston allows PHP Local File Inclusion.This issue affects Deston: from n/a through <= 1.0.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-27079 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-27079 https://nvd.nist.gov/vuln/detail/CVE-2026-27079 Wed, 25 Mar 2026 17:16:55 +0000 High CVE-2026-27079

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Amfissa amfissa allows PHP Local File Inclusion.This issue affects Amfissa: from n/a through <= 1.1.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-27078 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-27078 https://nvd.nist.gov/vuln/detail/CVE-2026-27078 Wed, 25 Mar 2026 17:16:55 +0000 High CVE-2026-27078

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Emaurri emaurri allows PHP Local File Inclusion.This issue affects Emaurri: from n/a through <= 1.0.1.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-27077 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-27077 https://nvd.nist.gov/vuln/detail/CVE-2026-27077 Wed, 25 Mar 2026 17:16:55 +0000 High CVE-2026-27077

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes MultiOffice multioffice allows PHP Local File Inclusion.This issue affects MultiOffice: from n/a through <= 1.2.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-27076 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-27076 https://nvd.nist.gov/vuln/detail/CVE-2026-27076 Wed, 25 Mar 2026 17:16:55 +0000 High CVE-2026-27076

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes LuxeDrive luxedrive allows PHP Local File Inclusion.This issue affects LuxeDrive: from n/a through <= 1.0.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-27075 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-27075 https://nvd.nist.gov/vuln/detail/CVE-2026-27075 Wed, 25 Mar 2026 17:16:54 +0000 High CVE-2026-27075

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Belfort belfort allows PHP Local File Inclusion.This issue affects Belfort: from n/a through <= 1.0.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-27048 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-27048 https://nvd.nist.gov/vuln/detail/CVE-2026-27048 Wed, 25 Mar 2026 17:16:54 +0000 High CVE-2026-27048

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes The Aisle Core theaisle-core allows PHP Local File Inclusion.This issue affects The Aisle Core: from n/a through <= 2.0.5.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-27047 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-27047 https://nvd.nist.gov/vuln/detail/CVE-2026-27047 Wed, 25 Mar 2026 17:16:53 +0000 High CVE-2026-27047

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Curly Core curly-core allows PHP Local File Inclusion.This issue affects Curly Core: from n/a through <= 2.1.6.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-25464 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-25464 https://nvd.nist.gov/vuln/detail/CVE-2026-25464 Wed, 25 Mar 2026 17:16:52 +0000 High CVE-2026-25464

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from n/a through <= 7.6.4.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-25458 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-25458 https://nvd.nist.gov/vuln/detail/CVE-2026-25458 Wed, 25 Mar 2026 17:16:52 +0000 High CVE-2026-25458

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Moments moments allows PHP Local File Inclusion.This issue affects Moments: from n/a through <= 2.2.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-25457 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-25457 https://nvd.nist.gov/vuln/detail/CVE-2026-25457 Wed, 25 Mar 2026 17:16:51 +0000 High CVE-2026-25457

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Mixtape mixtape allows PHP Local File Inclusion.This issue affects Mixtape: from n/a through <= 2.1.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-25382 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-25382 https://nvd.nist.gov/vuln/detail/CVE-2026-25382 Wed, 25 Mar 2026 17:16:48 +0000 High CVE-2026-25382

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jwsthemes IdealAuto idealauto allows PHP Local File Inclusion.This issue affects IdealAuto: from n/a through < 3.8.6.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-25381 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-25381 https://nvd.nist.gov/vuln/detail/CVE-2026-25381 Wed, 25 Mar 2026 17:16:48 +0000 High CVE-2026-25381

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jwsthemes LoveDate lovedate allows PHP Local File Inclusion.This issue affects LoveDate: from n/a through < 3.8.6.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-25380 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-25380 https://nvd.nist.gov/vuln/detail/CVE-2026-25380 Wed, 25 Mar 2026 17:16:48 +0000 High CVE-2026-25380

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jwsthemes Feedy feedy allows PHP Local File Inclusion.This issue affects Feedy: from n/a through < 2.1.5.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-25379 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-25379 https://nvd.nist.gov/vuln/detail/CVE-2026-25379 Wed, 25 Mar 2026 17:16:48 +0000 High CVE-2026-25379

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jwsthemes StreamVid streamvid allows PHP Local File Inclusion.This issue affects StreamVid: from n/a through < 6.8.6.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-25017 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-25017 https://nvd.nist.gov/vuln/detail/CVE-2026-25017 Wed, 25 Mar 2026 17:16:42 +0000 High CVE-2026-25017

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in stmcan NaturaLife Extensions naturalife-extensions allows PHP Local File Inclusion.This issue affects NaturaLife Extensions: from n/a through <= 2.1.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22516 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22516 https://nvd.nist.gov/vuln/detail/CVE-2026-22516 Wed, 25 Mar 2026 17:16:34 +0000 High CVE-2026-22516

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Wizor's wizors-investments allows PHP Local File Inclusion.This issue affects Wizor's: from n/a through <= 2.12.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22515 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22515 https://nvd.nist.gov/vuln/detail/CVE-2026-22515 Wed, 25 Mar 2026 17:16:33 +0000 High CVE-2026-22515

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes VegaDays vegadays allows PHP Local File Inclusion.This issue affects VegaDays: from n/a through <= 1.2.0.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22514 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22514 https://nvd.nist.gov/vuln/detail/CVE-2026-22514 Wed, 25 Mar 2026 17:16:33 +0000 High CVE-2026-22514

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Unica unica allows PHP Local File Inclusion.This issue affects Unica: from n/a through <= 1.4.1.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22513 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22513 https://nvd.nist.gov/vuln/detail/CVE-2026-22513 Wed, 25 Mar 2026 17:16:33 +0000 High CVE-2026-22513

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Triompher triompher allows PHP Local File Inclusion.This issue affects Triompher: from n/a through <= 1.1.0.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22512 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22512 https://nvd.nist.gov/vuln/detail/CVE-2026-22512 Wed, 25 Mar 2026 17:16:33 +0000 High CVE-2026-22512

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Roisin roisin allows PHP Local File Inclusion.This issue affects Roisin: from n/a through <= 1.2.1.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22511 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22511 https://nvd.nist.gov/vuln/detail/CVE-2026-22511 Wed, 25 Mar 2026 17:16:33 +0000 High CVE-2026-22511

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes NeoBeat neobeat allows PHP Local File Inclusion.This issue affects NeoBeat: from n/a through <= 1.2.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22509 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22509 https://nvd.nist.gov/vuln/detail/CVE-2026-22509 Wed, 25 Mar 2026 17:16:33 +0000 High CVE-2026-22509

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Gioia gioia allows PHP Local File Inclusion.This issue affects Gioia: from n/a through <= 1.4.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22508 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22508 https://nvd.nist.gov/vuln/detail/CVE-2026-22508 Wed, 25 Mar 2026 17:16:33 +0000 High CVE-2026-22508

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Dentalux dentalux allows PHP Local File Inclusion.This issue affects Dentalux: from n/a through <= 3.3.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22506 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22506 https://nvd.nist.gov/vuln/detail/CVE-2026-22506 Wed, 25 Mar 2026 17:16:32 +0000 High CVE-2026-22506

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Amoli amoli allows PHP Local File Inclusion.This issue affects Amoli: from n/a through <= 1.0.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22504 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22504 https://nvd.nist.gov/vuln/detail/CVE-2026-22504 Wed, 25 Mar 2026 17:16:32 +0000 High CVE-2026-22504

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX ProLingua prolingua allows PHP Local File Inclusion.This issue affects ProLingua: from n/a through <= 1.1.12.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22503 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22503 https://nvd.nist.gov/vuln/detail/CVE-2026-22503 Wed, 25 Mar 2026 17:16:32 +0000 High CVE-2026-22503

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Nelson nelson allows PHP Local File Inclusion.This issue affects Nelson: from n/a through <= 1.2.0.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22502 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22502 https://nvd.nist.gov/vuln/detail/CVE-2026-22502 Wed, 25 Mar 2026 17:16:32 +0000 High CVE-2026-22502

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Mr. Cobbler mr-cobbler allows PHP Local File Inclusion.This issue affects Mr. Cobbler: from n/a through <= 1.1.9.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22499 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22499 https://nvd.nist.gov/vuln/detail/CVE-2026-22499 Wed, 25 Mar 2026 17:16:31 +0000 High CVE-2026-22499

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Lella lella allows PHP Local File Inclusion.This issue affects Lella: from n/a through <= 1.2.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22498 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22498 https://nvd.nist.gov/vuln/detail/CVE-2026-22498 Wed, 25 Mar 2026 17:16:31 +0000 High CVE-2026-22498

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Laurent laurent allows PHP Local File Inclusion.This issue affects Laurent: from n/a through <= 3.1.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22496 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22496 https://nvd.nist.gov/vuln/detail/CVE-2026-22496 Wed, 25 Mar 2026 17:16:31 +0000 High CVE-2026-22496

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Hypnotherapy hypnotherapy allows PHP Local File Inclusion.This issue affects Hypnotherapy: from n/a through <= 1.2.10.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22495 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22495 https://nvd.nist.gov/vuln/detail/CVE-2026-22495 Wed, 25 Mar 2026 17:16:31 +0000 High CVE-2026-22495

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Greenville greenville allows PHP Local File Inclusion.This issue affects Greenville: from n/a through <= 1.3.2.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22494 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22494 https://nvd.nist.gov/vuln/detail/CVE-2026-22494 Wed, 25 Mar 2026 17:16:31 +0000 High CVE-2026-22494

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Good Homes good-homes allows PHP Local File Inclusion.This issue affects Good Homes: from n/a through <= 1.3.13.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22493 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22493 https://nvd.nist.gov/vuln/detail/CVE-2026-22493 Wed, 25 Mar 2026 17:16:31 +0000 High CVE-2026-22493

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Gaspard gaspard allows PHP Local File Inclusion.This issue affects Gaspard: from n/a through <= 1.3.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-22324 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-22324 https://nvd.nist.gov/vuln/detail/CVE-2026-22324 Fri, 20 Mar 2026 10:16:18 +0000 High CVE-2026-22324

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Melania allows PHP Local File Inclusion.This issue affects Melania: from n/a through 2.5.0.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [Critical] CVE-2026-27065 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-27065 https://nvd.nist.gov/vuln/detail/CVE-2026-27065 Thu, 19 Mar 2026 09:16:17 +0000 Critical CVE-2026-27065

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThimPress BuilderPress builderpress allows PHP Local File Inclusion.This issue affects BuilderPress: from n/a through <= 2.0.1.

CVSS: 9.8 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-27093 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-27093 https://nvd.nist.gov/vuln/detail/CVE-2026-27093 Thu, 19 Mar 2026 07:15:59 +0000 High CVE-2026-27093

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme Tripgo tripgo allows PHP Local File Inclusion.This issue affects Tripgo: from n/a through < 1.5.6.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-32426 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-32426 https://nvd.nist.gov/vuln/detail/CVE-2026-32426 Fri, 13 Mar 2026 19:55:00 +0000 High CVE-2026-32426

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themelexus Medilazar Core medilazar-core allows PHP Local File Inclusion.This issue affects Medilazar Core: from n/a through < 1.4.7.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-32401 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-32401 https://nvd.nist.gov/vuln/detail/CVE-2026-32401 Fri, 13 Mar 2026 19:54:56 +0000 High CVE-2026-32401

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows PHP Local File Inclusion.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.9.

CVSS: 7.2 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-32400 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-32400 https://nvd.nist.gov/vuln/detail/CVE-2026-32400 Fri, 13 Mar 2026 19:54:55 +0000 High CVE-2026-32400

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemetechMount Boldman boldman allows PHP Local File Inclusion.This issue affects Boldman: from n/a through <= 7.7.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-32393 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-32393 https://nvd.nist.gov/vuln/detail/CVE-2026-32393 Fri, 13 Mar 2026 19:54:54 +0000 High CVE-2026-32393

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Creatives_Planet Greenly Theme Addons greenly-addons allows PHP Local File Inclusion.This issue affects Greenly Theme Addons: from n/a through < 8.2.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-32392 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-32392 https://nvd.nist.gov/vuln/detail/CVE-2026-32392 Fri, 13 Mar 2026 19:54:54 +0000 High CVE-2026-32392

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Creatives_Planet Greenly greenly allows PHP Local File Inclusion.This issue affects Greenly: from n/a through <= 8.1.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-32384 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-32384 https://nvd.nist.gov/vuln/detail/CVE-2026-32384 Fri, 13 Mar 2026 19:54:53 +0000 High CVE-2026-32384

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magepeopleteam WpBookingly service-booking-manager allows PHP Local File Inclusion.This issue affects WpBookingly: from n/a through <= 1.2.9.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-32369 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-32369 https://nvd.nist.gov/vuln/detail/CVE-2026-32369 Fri, 13 Mar 2026 19:54:51 +0000 High CVE-2026-32369

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Medilink-Core medilink-core allows PHP Local File Inclusion.This issue affects Medilink-Core: from n/a through < 2.0.7.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-32364 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-32364 https://nvd.nist.gov/vuln/detail/CVE-2026-32364 Fri, 13 Mar 2026 19:54:50 +0000 High CVE-2026-32364

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in redqteam Turbo Manager turbo-manager allows PHP Local File Inclusion.This issue affects Turbo Manager: from n/a through < 4.0.8.

CVSS: 7.5 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28129 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28129 https://nvd.nist.gov/vuln/detail/CVE-2026-28129 Thu, 05 Mar 2026 06:16:47 +0000 High CVE-2026-28129

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Little Birdies little-birdies allows PHP Local File Inclusion.This issue affects Little Birdies: from n/a through <= 1.3.16.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28128 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28128 https://nvd.nist.gov/vuln/detail/CVE-2026-28128 Thu, 05 Mar 2026 06:16:47 +0000 High CVE-2026-28128

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Verse verse allows PHP Local File Inclusion.This issue affects Verse: from n/a through <= 1.7.0.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28125 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28125 https://nvd.nist.gov/vuln/detail/CVE-2026-28125 Thu, 05 Mar 2026 06:16:47 +0000 High CVE-2026-28125

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Midi midi allows PHP Local File Inclusion.This issue affects Midi: from n/a through <= 1.14.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28124 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28124 https://nvd.nist.gov/vuln/detail/CVE-2026-28124 Thu, 05 Mar 2026 06:16:47 +0000 High CVE-2026-28124

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Notarius notarius allows PHP Local File Inclusion.This issue affects Notarius: from n/a through <= 1.9.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28123 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28123 https://nvd.nist.gov/vuln/detail/CVE-2026-28123 Thu, 05 Mar 2026 06:16:47 +0000 High CVE-2026-28123

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Veil veil allows PHP Local File Inclusion.This issue affects Veil: from n/a through <= 1.9.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28121 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28121 https://nvd.nist.gov/vuln/detail/CVE-2026-28121 Thu, 05 Mar 2026 06:16:46 +0000 High CVE-2026-28121

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Anderson andersonclinic allows PHP Local File Inclusion.This issue affects Anderson: from n/a through <= 1.4.2.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28120 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28120 https://nvd.nist.gov/vuln/detail/CVE-2026-28120 Thu, 05 Mar 2026 06:16:46 +0000 High CVE-2026-28120

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Dr.Patterson dr-patterson allows PHP Local File Inclusion.This issue affects Dr.Patterson: from n/a through <= 1.3.2.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28119 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28119 https://nvd.nist.gov/vuln/detail/CVE-2026-28119 Thu, 05 Mar 2026 06:16:46 +0000 High CVE-2026-28119

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Nirvana nir-vana allows PHP Local File Inclusion.This issue affects Nirvana: from n/a through <= 2.6.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28118 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28118 https://nvd.nist.gov/vuln/detail/CVE-2026-28118 Thu, 05 Mar 2026 06:16:46 +0000 High CVE-2026-28118

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Welldone welldone allows PHP Local File Inclusion.This issue affects Welldone: from n/a through <= 2.4.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28117 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28117 https://nvd.nist.gov/vuln/detail/CVE-2026-28117 Thu, 05 Mar 2026 06:16:46 +0000 High CVE-2026-28117

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes smart SEO smartSEO allows PHP Local File Inclusion.This issue affects smart SEO: from n/a through <= 2.9.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28107 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28107 https://nvd.nist.gov/vuln/detail/CVE-2026-28107 Thu, 05 Mar 2026 06:16:45 +0000 High CVE-2026-28107

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Muzicon muzicon allows PHP Local File Inclusion.This issue affects Muzicon: from n/a through <= 1.9.0.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28098 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28098 https://nvd.nist.gov/vuln/detail/CVE-2026-28098 Thu, 05 Mar 2026 06:16:44 +0000 High CVE-2026-28098

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Save Life save-life allows PHP Local File Inclusion.This issue affects Save Life: from n/a through <= 1.2.13.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28097 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28097 https://nvd.nist.gov/vuln/detail/CVE-2026-28097 Thu, 05 Mar 2026 06:16:43 +0000 High CVE-2026-28097

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Artrium artrium allows PHP Local File Inclusion.This issue affects Artrium: from n/a through <= 1.0.14.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28096 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28096 https://nvd.nist.gov/vuln/detail/CVE-2026-28096 Thu, 05 Mar 2026 06:16:43 +0000 High CVE-2026-28096

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX WealthCo wealthco allows PHP Local File Inclusion.This issue affects WealthCo: from n/a through <= 2.18.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28095 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28095 https://nvd.nist.gov/vuln/detail/CVE-2026-28095 Thu, 05 Mar 2026 06:16:43 +0000 High CVE-2026-28095

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Marcell marcell allows PHP Local File Inclusion.This issue affects Marcell: from n/a through <= 1.2.14.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28094 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28094 https://nvd.nist.gov/vuln/detail/CVE-2026-28094 Thu, 05 Mar 2026 06:16:43 +0000 High CVE-2026-28094

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX RexCoin rexcoin allows PHP Local File Inclusion.This issue affects RexCoin: from n/a through <= 1.2.6.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28093 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28093 https://nvd.nist.gov/vuln/detail/CVE-2026-28093 Thu, 05 Mar 2026 06:16:43 +0000 High CVE-2026-28093

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Ozisti ozisti allows PHP Local File Inclusion.This issue affects Ozisti: from n/a through <= 1.1.10.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28092 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28092 https://nvd.nist.gov/vuln/detail/CVE-2026-28092 Thu, 05 Mar 2026 06:16:43 +0000 High CVE-2026-28092

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Sounder sounder allows PHP Local File Inclusion.This issue affects Sounder: from n/a through <= 1.3.11.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28091 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28091 https://nvd.nist.gov/vuln/detail/CVE-2026-28091 Thu, 05 Mar 2026 06:16:43 +0000 High CVE-2026-28091

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Coleo coleo allows PHP Local File Inclusion.This issue affects Coleo: from n/a through <= 1.1.7.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28090 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28090 https://nvd.nist.gov/vuln/detail/CVE-2026-28090 Thu, 05 Mar 2026 06:16:43 +0000 High CVE-2026-28090

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Gamezone gamezone allows PHP Local File Inclusion.This issue affects Gamezone: from n/a through <= 1.1.11.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28089 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28089 https://nvd.nist.gov/vuln/detail/CVE-2026-28089 Thu, 05 Mar 2026 06:16:42 +0000 High CVE-2026-28089

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Daiquiri daiquiri allows PHP Local File Inclusion.This issue affects Daiquiri: from n/a through <= 1.2.4.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28088 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28088 https://nvd.nist.gov/vuln/detail/CVE-2026-28088 Thu, 05 Mar 2026 06:16:42 +0000 High CVE-2026-28088

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Aqualots aqualots allows PHP Local File Inclusion.This issue affects Aqualots: from n/a through <= 1.1.6.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28087 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28087 https://nvd.nist.gov/vuln/detail/CVE-2026-28087 Thu, 05 Mar 2026 06:16:42 +0000 High CVE-2026-28087

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Filmax filmax allows PHP Local File Inclusion.This issue affects Filmax: from n/a through <= 1.1.11.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28086 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28086 https://nvd.nist.gov/vuln/detail/CVE-2026-28086 Thu, 05 Mar 2026 06:16:42 +0000 High CVE-2026-28086

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Run Gran run-gran allows PHP Local File Inclusion.This issue affects Run Gran: from n/a through <= 2.0.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]> [High] CVE-2026-28085 – Improper Control of Filename for Include/Require Statement in PHP Program ('PHP ... https://nvd.nist.gov/vuln/detail/CVE-2026-28085 https://nvd.nist.gov/vuln/detail/CVE-2026-28085 Thu, 05 Mar 2026 06:16:42 +0000 High CVE-2026-28085

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Mahogany mahogany allows PHP Local File Inclusion.This issue affects Mahogany: from n/a through <= 2.9.

CVSS: 8.1 · CWE: CWE-98

View on NVD

]]>