CWE-98 CVEs and Security Vulnerabilities

Filtered by CWE-98

Search

Switch to Advanced Search (Beta)

Total 1108 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-22509	1 Wordpress	1 Wordpress	2026-04-01	9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in TMRW-studio Atlas atlas allows PHP Local File Inclusion.This issue affects Atlas: from n/a through <= 2.1.0.
CVE-2025-14431	1 Wordpress	1 Wordpress	2026-04-01	9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in THEMELOGI Navian navian allows PHP Local File Inclusion.This issue affects Navian: from n/a through <= 1.5.4.
CVE-2025-14429	2 Thememove, Wordpress	2 Aeroland, Wordpress	2026-04-01	9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove AeroLand aeroland allows PHP Local File Inclusion.This issue affects AeroLand: from n/a through <= 1.6.6.
CVE-2025-14359	1 Wordpress	1 Wordpress	2026-04-01	9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in brandexponents Oshine oshin allows PHP Local File Inclusion.This issue affects Oshine: from n/a through <= 7.2.7.
CVE-2025-12550	1 Wordpress	1 Wordpress	2026-04-01	9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jwsthemes OchaHouse ochahouse allows PHP Local File Inclusion.This issue affects OchaHouse: from n/a through <= 2.2.8.
CVE-2025-12549	1 Wordpress	1 Wordpress	2026-04-01	9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magentech Rozy - Flower Shop rozy allows PHP Local File Inclusion.This issue affects Rozy - Flower Shop: from n/a through <= 1.2.25.
CVE-2026-22493	2 Elated-themes, Wordpress	2 Gaspard, Wordpress	2026-03-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Gaspard gaspard allows PHP Local File Inclusion.This issue affects Gaspard: from n/a through <= 1.3.
CVE-2026-22494	2 Themerex, Wordpress	2 Good Homes, Wordpress	2026-03-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Good Homes good-homes allows PHP Local File Inclusion.This issue affects Good Homes: from n/a through <= 1.3.13.
CVE-2026-22495	2 Ancorathemes, Wordpress	2 Greenville, Wordpress	2026-03-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Greenville greenville allows PHP Local File Inclusion.This issue affects Greenville: from n/a through <= 1.3.2.
CVE-2026-22496	2 Ancorathemes, Wordpress	2 Hypnotherapy, Wordpress	2026-03-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Hypnotherapy hypnotherapy allows PHP Local File Inclusion.This issue affects Hypnotherapy: from n/a through <= 1.2.10.
CVE-2026-22498	2 Elated-themes, Wordpress	2 Laurent, Wordpress	2026-03-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Laurent laurent allows PHP Local File Inclusion.This issue affects Laurent: from n/a through <= 3.1.
CVE-2026-22499	2 Elated-themes, Wordpress	2 Lella, Wordpress	2026-03-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Lella lella allows PHP Local File Inclusion.This issue affects Lella: from n/a through <= 1.2.
CVE-2026-22502	2 Ancorathemes, Wordpress	2 Mr. Cobbler, Wordpress	2026-03-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Mr. Cobbler mr-cobbler allows PHP Local File Inclusion.This issue affects Mr. Cobbler: from n/a through <= 1.1.9.
CVE-2026-22503	2 Themerex, Wordpress	2 Nelson, Wordpress	2026-03-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Nelson nelson allows PHP Local File Inclusion.This issue affects Nelson: from n/a through <= 1.2.0.
CVE-2026-22504	2 Themerex, Wordpress	2 Prolingua, Wordpress	2026-03-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX ProLingua prolingua allows PHP Local File Inclusion.This issue affects ProLingua: from n/a through <= 1.1.12.
CVE-2026-22506	2 Elated-themes, Wordpress	2 Amoli, Wordpress	2026-03-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Amoli amoli allows PHP Local File Inclusion.This issue affects Amoli: from n/a through <= 1.0.
CVE-2026-22508	2 Ancorathemes, Wordpress	2 Dentalux, Wordpress	2026-03-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Dentalux dentalux allows PHP Local File Inclusion.This issue affects Dentalux: from n/a through <= 3.3.
CVE-2026-22509	2 Elated-themes, Wordpress	2 Gioia, Wordpress	2026-03-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Gioia gioia allows PHP Local File Inclusion.This issue affects Gioia: from n/a through <= 1.4.
CVE-2026-22511	2 Elated-themes, Wordpress	2 Neobeat, Wordpress	2026-03-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes NeoBeat neobeat allows PHP Local File Inclusion.This issue affects NeoBeat: from n/a through <= 1.2.
CVE-2026-22512	2 Elated-themes, Wordpress	2 Roisin, Wordpress	2026-03-27	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Roisin roisin allows PHP Local File Inclusion.This issue affects Roisin: from n/a through <= 1.2.1.

« first previous Page 48 of 56. next last »