Filtered by CWE-98

Search

Switch to Advanced Search (Beta)
Total 1110 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2026-24538 2 Omnipressteam, Wordpress 2 Omnipress, Wordpress 2026-04-01 7.6 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in omnipressteam Omnipress omnipress allows PHP Local File Inclusion.This issue affects Omnipress: from n/a through <= 1.6.7.
CVE-2026-22416 2 Ancorathemes, Wordpress 2 Fixteam, Wordpress 2026-04-01 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes FixTeam fixteam allows PHP Local File Inclusion.This issue affects FixTeam: from n/a through <= 1.5.0.
CVE-2025-68987 2 Edge-themes, Wordpress 2 Cinerama, Wordpress 2026-04-01 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Edge-Themes Cinerama cinerama allows PHP Local File Inclusion.This issue affects Cinerama: from n/a through <= 2.9.
CVE-2025-64284 2 Majesticsupport, Wordpress 2 Majestic Support, Wordpress 2026-04-01 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Majestic Support Majestic Support majestic-support allows PHP Local File Inclusion.This issue affects Majestic Support: from n/a through <= 1.0.7.
CVE-2025-63074 2 Dream-theme, Wordpress 2 The7, Wordpress 2026-04-01 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Dream-Theme The7 dt-the7 allows PHP Local File Inclusion.This issue affects The7: from n/a through < 12.8.1.1.
CVE-2025-60248 2 Wordpress, Wpclever 2 Wordpress, Wpc Product Bundles For Woocommerce 2026-04-01 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WPClever WPC Product Options for WooCommerce wpc-product-options allows PHP Local File Inclusion.This issue affects WPC Product Options for WooCommerce: from n/a through <= 3.1.3.
CVE-2025-60201 1 Wordpress 1 Wordpress 2026-04-01 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in aguilatechnologies WP Customer Area customer-area allows PHP Local File Inclusion.This issue affects WP Customer Area: from n/a through <= 8.3.4.
CVE-2025-60200 2 Thimpress, Wordpress 2 Learnpress Export Import, Wordpress 2026-04-01 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThimPress LearnPress Export Import learnpress-import-export allows PHP Local File Inclusion.This issue affects LearnPress Export Import: from n/a through <= 4.1.2.
CVE-2025-60078 1 Wordpress 1 Wordpress 2026-04-01 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Agence web Eoxia &#8211; Montpellier Task Manager task-manager allows PHP Local File Inclusion.This issue affects Task Manager: from n/a through <= 3.0.2.
CVE-2025-60076 2 Jbhovik, Wordpress 2 Ray Enterprise Translation, Wordpress 2026-04-01 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Jiro Sasamoto Ray Enterprise Translation lingotek-translation allows PHP Local File Inclusion.This issue affects Ray Enterprise Translation: from n/a through <= 1.7.1.
CVE-2025-60071 3 Don-themes, Woocommerce, Wordpress 3 Riode, Woocommerce, Wordpress 2026-04-01 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in don-themes Riode riode allows PHP Local File Inclusion.This issue affects Riode: from n/a through <= 1.6.23.
CVE-2025-53436 1 Wordpress 1 Wordpress 2026-04-01 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme Monki monki allows PHP Local File Inclusion.This issue affects Monki: from n/a through <= 2.0.5.
CVE-2025-49921 1 Wordpress 1 Wordpress 2026-04-01 7.3 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock JetReviews jet-reviews allows PHP Local File Inclusion.This issue affects JetReviews: from n/a through <= 3.0.0.
CVE-2025-14430 2 Thememove, Wordpress 2 Brook, Wordpress 2026-04-01 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Brook brook allows PHP Local File Inclusion.This issue affects Brook: from n/a through <= 2.9.0.
CVE-2026-28129 2 Axiomthemes, Wordpress 2 Little Birdies, Wordpress 2026-04-01 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Little Birdies little-birdies allows PHP Local File Inclusion.This issue affects Little Birdies: from n/a through <= 1.3.16.
CVE-2026-28128 2 Themerex, Wordpress 2 Verse, Wordpress 2026-04-01 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Verse verse allows PHP Local File Inclusion.This issue affects Verse: from n/a through <= 1.7.0.
CVE-2026-28125 2 Ancorathemes, Wordpress 2 Midi, Wordpress 2026-04-01 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Midi midi allows PHP Local File Inclusion.This issue affects Midi: from n/a through <= 1.14.
CVE-2026-28124 2 Ancorathemes, Wordpress 2 Notarius, Wordpress 2026-04-01 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Notarius notarius allows PHP Local File Inclusion.This issue affects Notarius: from n/a through <= 1.9.
CVE-2026-28123 2 Ancorathemes, Wordpress 2 Veil, Wordpress 2026-04-01 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Veil veil allows PHP Local File Inclusion.This issue affects Veil: from n/a through <= 1.9.
CVE-2026-28121 2 Ancorathemes, Wordpress 2 Anderson, Wordpress 2026-04-01 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Anderson andersonclinic allows PHP Local File Inclusion.This issue affects Anderson: from n/a through <= 1.4.2.