Filtered by CWE-98

Search

Switch to Advanced Search (Beta)
Total 1046 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-58931 2 Axiomthemes, Wordpress 2 Palatio, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Palatio palatio allows PHP Local File Inclusion.This issue affects Palatio: from n/a through <= 1.6.
CVE-2025-58932 2 Axiomthemes, Wordpress 2 Prisma, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Prisma prisma allows PHP Local File Inclusion.This issue affects Prisma: from n/a through <= 1.10.
CVE-2025-58940 2 Axiomthemes, Wordpress 2 Basil, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Basil basil allows PHP Local File Inclusion.This issue affects Basil: from n/a through <= 1.3.12.
CVE-2025-58941 2 Axiomthemes, Wordpress 2 Fabric, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Fabric fabric allows PHP Local File Inclusion.This issue affects Fabric: from n/a through <= 1.5.0.
CVE-2025-58942 2 Axiomthemes, Wordpress 2 Dwell, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Dwell dwell allows PHP Local File Inclusion.This issue affects Dwell: from n/a through <= 1.7.0.
CVE-2025-58943 2 Axiomthemes, Wordpress 2 Agricola, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Agricola agricola allows PHP Local File Inclusion.This issue affects Agricola: from n/a through <= 1.1.0.
CVE-2025-58944 2 Axiomthemes, Wordpress 2 Manufactory, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Manufactory manufactory allows PHP Local File Inclusion.This issue affects Manufactory: from n/a through <= 1.4.
CVE-2026-24531 1 Wordpress 1 Wordpress 2026-01-26 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Prowess prowess allows PHP Local File Inclusion.This issue affects Prowess: from n/a through <= 2.3.
CVE-2025-54003 2 Mikado-themes, Wordpress 2 Depot, Wordpress 2026-01-26 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Depot depot allows PHP Local File Inclusion.This issue affects Depot: from n/a through <= 1.16.
CVE-2025-50003 2 Axiomthemes, Wordpress 2 Amuli, Wordpress 2026-01-26 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Amuli amuli allows PHP Local File Inclusion.This issue affects Amuli: from n/a through <= 2.3.0.
CVE-2025-49994 1 Wordpress 1 Wordpress 2026-01-26 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme Athens athens allows PHP Local File Inclusion.This issue affects Athens: from n/a through <= 1.1.6.
CVE-2025-47474 1 Wordpress 1 Wordpress 2026-01-26 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ninetheme Anarkali anarkali allows PHP Local File Inclusion.This issue affects Anarkali: from n/a through <= 1.0.9.
CVE-2026-22401 1 Wordpress 1 Wordpress 2026-01-26 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in pavothemes Freshio freshio allows PHP Local File Inclusion.This issue affects Freshio: from n/a through <= 2.4.2.
CVE-2026-24390 3 Elementor, Qantumthemes, Wordpress 3 Elementor, Kentha Elementor Widgets, Wordpress 2026-01-26 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in QantumThemes Kentha Elementor Widgets kentha-elementor allows PHP Local File Inclusion.This issue affects Kentha Elementor Widgets: from n/a through < 3.1.
CVE-2026-24538 2 Omnipressteam, Wordpress 2 Omnipress, Wordpress 2026-01-26 7.6 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in omnipressteam Omnipress omnipress allows PHP Local File Inclusion.This issue affects Omnipress: from n/a through <= 1.6.6.
CVE-2026-22464 2 Wordpress, Wphocus 2 Wordpress, My Auctions Allegro 2026-01-26 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows PHP Local File Inclusion.This issue affects My auctions allegro: from n/a through <= 3.6.33.
CVE-2026-23978 1 Wordpress 1 Wordpress 2026-01-26 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Softwebmedia Gyan Elements gyan-elements allows PHP Local File Inclusion.This issue affects Gyan Elements: from n/a through <= 2.2.1.
CVE-2026-23975 2 Uxper, Wordpress 2 Golo, Wordpress 2026-01-26 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in uxper Golo golo allows PHP Local File Inclusion.This issue affects Golo: from n/a through < 1.7.5.
CVE-2024-49690 1 Qodeinteractive 1 Qi Blocks 2026-01-26 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Qode Interactive Qi Blocks.This issue affects Qi Blocks: from n/a through 1.3.2.
CVE-2024-50457 1 Qodeinteractive 1 Qode Essential Addons 2026-01-26 7.5 High
: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.6.3.