Total
986 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-54709 | 2025-09-11 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in uxper Sala. This issue affects Sala: from n/a through 1.1.6.
|
|||||
| CVE-2025-58215 | 2025-09-11 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Ziston allows PHP Local File Inclusion. This issue affects Ziston: from n/a through n/a.
|
|||||
| CVE-2025-9874 | 2025-09-11 | N/A | 7.5 HIGH | ||
|
The Ultimate Classified Listings plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6 via the 'uclwp_dashboard' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file type ...
Show More |
|||||
| CVE-2025-57889 | 2025-09-05 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RealMag777 InPost Gallery allows PHP Local File Inclusion. This issue affects InPost Gallery: from n/a through 2.1.4.5.
|
|||||
| CVE-2025-9990 | 2025-09-05 | N/A | 8.1 HIGH | ||
|
The WordPress Helpdesk Integration plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.8.10 via the portal_type parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.
|
|||||
| CVE-2025-58214 | 2025-09-05 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Indutri allows PHP Local File Inclusion. This issue affects Indutri: from n/a through n/a.
|
|||||
| CVE-2025-58637 | 2025-09-04 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in immonex immonex Kickstart allows PHP Local File Inclusion. This issue affects immonex Kickstart: from n/a through 1.11.6.
|
|||||
| CVE-2025-58608 | 2025-09-04 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BuddyDev MediaPress allows PHP Local File Inclusion. This issue affects MediaPress: from n/a through 1.5.9.1.
|
|||||
| CVE-2025-47696 | 2025-09-02 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Solwin Blog Designer PRO.This issue affects Blog Designer PRO: from n/a through 3.4.7.
|
|||||
| CVE-2025-49405 | 2025-08-30 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Favethemes Houzez allows PHP Local File Inclusion.This issue affects Houzez: from n/a before 4.1.4.
|
|||||
| CVE-2025-53244 | 2025-08-29 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Magazine Elite allows PHP Local File Inclusion. This issue affects Magazine Elite: from n/a through 1.2.4.
|
|||||
| CVE-2025-53227 | 2025-08-29 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Magazine Saga allows PHP Local File Inclusion. This issue affects Magazine Saga: from n/a through 1.2.7.
|
|||||
| CVE-2025-53326 | 2025-08-29 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CodeYatri Gutenify allows PHP Local File Inclusion. This issue affects Gutenify: from n/a through 1.5.6.
|
|||||
| CVE-2025-54716 | 2025-08-29 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme Ireca allows PHP Local File Inclusion. This issue affects Ireca: from n/a through 1.8.5.
|
|||||
| CVE-2025-53578 | 2025-08-29 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Kipso allows PHP Local File Inclusion. This issue affects Kipso: from n/a through 1.3.4.
|
|||||
| CVE-2025-53328 | 2025-08-29 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Assaf Parag Poll, Survey & Quiz Maker Plugin by Opinion Stage allows PHP Local File Inclusion. This issue affects Poll, Survey & Quiz Maker Plugin by Opinion Stage: from n/a through 19.11.0.
|
|||||
| CVE-2025-53334 | 2025-08-29 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in TieLabs Jannah allows PHP Local File Inclusion. This issue affects Jannah: from n/a through 7.4.1.
|
|||||
| CVE-2025-53248 | 2025-08-29 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Magazine allows PHP Local File Inclusion. This issue affects Magazine: from n/a through 1.2.2.
|
|||||
| CVE-2025-49383 | 2025-08-29 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CocoBasic Neresa allows PHP Local File Inclusion. This issue affects Neresa: from n/a through 1.3.
|
|||||
| CVE-2025-53247 | 2025-08-29 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WPInterface BlogMarks allows PHP Local File Inclusion. This issue affects BlogMarks: from n/a through 1.0.8.
|
|||||
| CVE-2025-53576 | 2025-08-29 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme Ovatheme Events allows PHP Local File Inclusion. This issue affects Ovatheme Events: from n/a through 1.2.8.
|
|||||
| CVE-2025-53216 | 2025-08-29 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeUniver Glamer allows PHP Local File Inclusion. This issue affects Glamer: from n/a through 1.0.2.
|
|||||
| CVE-2025-8913 | 1 Wellchoose | 1 Organization Portal System | 2025-08-21 | N/A | 9.8 CRITICAL |
|
Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server.
|
|||||
| CVE-2025-54750 | 2025-08-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in FunnelKit Funnel Builder by FunnelKit allows PHP Local File Inclusion. This issue affects Funnel Builder by FunnelKit: from n/a through 3.11.1.
|
|||||
| CVE-2025-48302 | 2025-08-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Roxnor FundEngine allows PHP Local File Inclusion. This issue affects FundEngine: from n/a through 1.7.4.
|
|||||
| CVE-2025-48298 | 2025-08-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Benjamin Denis SEOPress for MainWP allows PHP Local File Inclusion. This issue affects SEOPress for MainWP: from n/a through 1.4.
|
|||||
| CVE-2025-54028 | 2025-08-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Saleswonder Team Tobias CF7 WOW Styler allows PHP Local File Inclusion. This issue affects CF7 WOW Styler: from n/a through 1.7.2.
|
|||||
| CVE-2025-53565 | 2025-08-20 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Widget for Google Reviews allows PHP Local File Inclusion. This issue affects Widget for Google Reviews: from n/a through 1.0.15.
|
|||||
| CVE-2025-54034 | 2025-08-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Tribulant Software Newsletters allows PHP Local File Inclusion. This issue affects Newsletters: from n/a through 4.10.
|
|||||
| CVE-2025-53204 | 2025-08-20 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme eventlist allows PHP Local File Inclusion. This issue affects eventlist: from n/a through 1.9.2.
|
|||||
| CVE-2025-54031 | 2025-08-20 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Schiocco Support Board allows PHP Local File Inclusion. This issue affects Support Board: from n/a through 3.8.0.
|
|||||
| CVE-2025-48160 | 2025-08-20 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CocoBasic Caliris allows PHP Local File Inclusion. This issue affects Caliris: from n/a through 1.5.
|
|||||
| CVE-2025-54017 | 2025-08-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cozmoslabs Paid Member Subscriptions allows PHP Local File Inclusion. This issue affects Paid Member Subscriptions: from n/a through 2.15.4.
|
|||||
| CVE-2025-48157 | 2025-08-20 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Michele Giorgi Formality allows PHP Local File Inclusion. This issue affects Formality: from n/a through 1.5.9.
|
|||||
| CVE-2025-48149 | 2025-08-20 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in dedalx Cook&Meal allows PHP Local File Inclusion. This issue affects Cook&Meal: from n/a through 1.2.3.
|
|||||
| CVE-2025-53210 | 2025-08-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in bdthemes ZoloBlocks allows PHP Local File Inclusion. This issue affects ZoloBlocks: from n/a through 2.3.2.
|
|||||
| CVE-2025-53207 | 2025-08-20 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Travel WP Travel Gutenberg Blocks allows PHP Local File Inclusion. This issue affects WP Travel Gutenberg Blocks: from n/a through 3.9.0.
|
|||||
| CVE-2025-53198 | 2025-08-20 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in favethemes Houzez allows PHP Local File Inclusion. This issue affects Houzez: from n/a through 4.0.4.
|
|||||
| CVE-2025-53567 | 2025-08-20 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nK Ghost Kit allows PHP Local File Inclusion. This issue affects Ghost Kit: from n/a through 3.4.1.
|
|||||
| CVE-2025-48171 | 2025-08-20 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Cena Store allows PHP Local File Inclusion. This issue affects Cena Store: from n/a through 2.11.26.
|
|||||