Total
986 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-49313 | 2025-06-06 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme BRW allows PHP Local File Inclusion. This issue affects BRW: from n/a through 1.8.6.
|
|||||
| CVE-2023-25995 | 2025-06-06 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in choicehomemortgage AI Mortgage Calculator allows PHP Local File Inclusion. This issue affects AI Mortgage Calculator: from n/a through 1.0.1.
|
|||||
| CVE-2025-48136 | 1 Estatik | 1 Mortgage Calculator | 2025-05-30 | N/A | 7.5 HIGH |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Estatik Mortgage Calculator Estatik allows PHP Local File Inclusion. This issue affects Mortgage Calculator Estatik: from n/a through 2.0.12.
|
|||||
| CVE-2025-32158 | 1 Athemes | 1 Athemes Addons For Elementor | 2025-05-29 | N/A | 7.5 HIGH |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in aThemes aThemes Addons for Elementor. This issue affects aThemes Addons for Elementor: from n/a through 1.0.15.
|
|||||
| CVE-2024-51319 | 1 Zucchetti | 1 Ad Hoc Infinity | 2025-05-28 | N/A | 7.3 HIGH |
|
A local file include vulnerability in the /servlet/Report of Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution by uploading a jsp web/reverse shell through /jsp/zimg_upload.jsp.
|
|||||
| CVE-2025-30849 | 1 G5plus | 1 Essential Real Estate | 2025-05-27 | N/A | 8.1 HIGH |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in g5theme Essential Real Estate allows PHP Local File Inclusion. This issue affects Essential Real Estate: from n/a through 5.2.0.
|
|||||
| CVE-2025-30870 | 1 Wptravelengine | 1 Wp Travel Engine | 2025-05-27 | N/A | 8.1 HIGH |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Travel Engine WP Travel Engine allows PHP Local File Inclusion. This issue affects WP Travel Engine: from n/a through 6.3.5.
|
|||||
| CVE-2022-40089 | 1 Simple College Website Project | 1 Simple College Website | 2025-05-27 | N/A | 9.8 CRITICAL |
|
A remote file inclusion (RFI) vulnerability in Simple College Website v1.0 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is exploitable when the directive allow_url_include is set to On.
|
|||||
| CVE-2024-13592 | 1 Webdevocean | 1 Team-builder-for-wpbakery-page-builder | 2025-05-24 | N/A | 7.5 HIGH |
|
The Team Builder For WPBakery Page Builder(Formerly Visual Composer) plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0 via the 'team-builder-vc' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code executio ...
Show More |
|||||
| CVE-2025-46444 | 2025-05-23 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in scripteo Ads Pro Plugin allows PHP Local File Inclusion. This issue affects Ads Pro Plugin: from n/a through 4.88.
|
|||||
| CVE-2025-31913 | 2025-05-23 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme Ogami allows PHP Local File Inclusion. This issue affects Ogami: from n/a through 1.53.
|
|||||
| CVE-2025-46468 | 2025-05-23 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WPFable Fable Extra allows PHP Local File Inclusion. This issue affects Fable Extra: from n/a through 1.0.6.
|
|||||
| CVE-2025-31060 | 2025-05-23 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme Capie allows PHP Local File Inclusion. This issue affects Capie: from n/a through 1.0.40.
|
|||||
| CVE-2025-32289 | 2025-05-23 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme Yozi allows PHP Local File Inclusion. This issue affects Yozi: from n/a through 2.0.52.
|
|||||
| CVE-2025-47672 | 2025-05-23 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in miniOrange miniOrange Discord Integration allows PHP Local File Inclusion. This issue affects miniOrange Discord Integration: from n/a through 2.2.2.
|
|||||
| CVE-2025-31064 | 2025-05-23 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Vizeon - Business Consulting allows PHP Local File Inclusion. This issue affects Vizeon - Business Consulting: from n/a through 1.1.7.
|
|||||
| CVE-2025-32286 | 2025-05-23 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme Butcher allows PHP Local File Inclusion. This issue affects Butcher: from n/a through 2.40.
|
|||||
| CVE-2025-47670 | 2025-05-23 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in miniOrange WordPress Social Login and Register allows PHP Local File Inclusion. This issue affects WordPress Social Login and Register: from n/a through 7.6.10.
|
|||||
| CVE-2025-31632 | 2025-05-23 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SpyroPress La Boom allows PHP Local File Inclusion. This issue affects La Boom: from n/a through 2.7.
|
|||||
| CVE-2025-48292 | 2025-05-23 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in GoodLayers Tourmaster allows PHP Local File Inclusion. This issue affects Tourmaster: from n/a through 5.3.8.
|
|||||
| CVE-2025-46474 | 2025-05-23 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SEUR OFICIAL SEUR Oficial allows PHP Local File Inclusion. This issue affects SEUR Oficial: from n/a through 2.2.23.
|
|||||
| CVE-2025-46454 | 2025-05-23 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in svil4ok Meta Keywords & Description allows PHP Local File Inclusion. This issue affects Meta Keywords & Description: from n/a through 0.8.
|
|||||
| CVE-2025-32302 | 2025-05-23 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Winnex allows PHP Local File Inclusion. This issue affects Winnex: from n/a through 1.3.2.
|
|||||
| CVE-2025-31912 | 2025-05-23 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Enzio - Responsive Business WordPress Theme allows PHP Local File Inclusion. This issue affects Enzio - Responsive Business WordPress Theme: from n/a through 1.1.8.
|
|||||
| CVE-2025-39506 | 2025-05-23 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NasaTheme Nasa Core allows PHP Local File Inclusion. This issue affects Nasa Core: from n/a through 6.3.2.
|
|||||
| CVE-2025-31633 | 2025-05-23 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Kiamo - Responsive Business Service WordPress Theme allows PHP Local File Inclusion. This issue affects Kiamo - Responsive Business Service WordPress Theme: from n/a through 1.3.3.
|
|||||
| CVE-2025-32294 | 2025-05-23 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Oxpitan allows PHP Local File Inclusion. This issue affects Oxpitan: from n/a through 1.3.1.
|
|||||
| CVE-2025-26735 | 2025-05-21 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Candid themes Grip.This issue affects Grip: from n/a through 1.0.9.
|
|||||
| CVE-2025-47576 | 2025-05-21 | N/A | 8.8 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Bringthepixel Bimber - Viral Magazine WordPress Theme.This issue affects Bimber - Viral Magazine WordPress Theme: from n/a through 9.2.5.
|
|||||
| CVE-2025-39406 | 2025-05-21 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in mojoomla WPAMS allows PHP Local File Inclusion.This issue affects WPAMS: from n/a through 44.0.
|
|||||
| CVE-2025-39364 | 2025-05-21 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PluginEver Product Category Slider for WooCommerce allows PHP Local File Inclusion.This issue affects Product Category Slider for WooCommerce: from n/a through 4.3.4.
|
|||||
| CVE-2025-39411 | 2025-05-21 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Indie_Plugins WhatsApp Click to Chat Plugin for WordPress.This issue affects WhatsApp Click to Chat Plugin for WordPress: from n/a through 2.2.12.
|
|||||
| CVE-2025-39396 | 2025-05-21 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock JetReviews allows PHP Local File Inclusion.This issue affects JetReviews: from n/a through 2.3.6.
|
|||||
| CVE-2025-47693 | 2025-05-19 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in roninwp FAT Services Booking allows PHP Local File Inclusion. This issue affects FAT Services Booking: from n/a through 5.5.
|
|||||
| CVE-2025-32152 | 2025-05-13 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Essential Plugins by WP OnlineSupport Slider a SlidersPack allows PHP Local File Inclusion.
This issue affects Slider a SlidersPack: from n/a through 2.3.
|
|||||
| CVE-2022-41547 | 1 Opensecurity | 1 Mobile Security Framework | 2025-05-10 | N/A | 7.5 HIGH |
|
Mobile Security Framework (MobSF) v0.9.2 and below was discovered to contain a local file inclusion (LFI) vulnerability in the StaticAnalyzer/views.py script. This vulnerability allows attackers to read arbitrary files via a crafted HTTP request.
|
|||||
| CVE-2025-47510 | 2025-05-08 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fullworks Display Eventbrite Events allows PHP Local File Inclusion. This issue affects Display Eventbrite Events: from n/a through n/a.
|
|||||
| CVE-2025-47496 | 2025-05-08 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PublishPress PublishPress Authors allows PHP Local File Inclusion. This issue affects PublishPress Authors: from n/a through 4.7.5.
|
|||||
| CVE-2025-47439 | 2025-05-08 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Chill Download Monitor allows PHP Local File Inclusion. This issue affects Download Monitor: from n/a through 5.0.22.
|
|||||
| CVE-2025-47498 | 2025-05-08 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nicdark Hotel Booking allows PHP Local File Inclusion. This issue affects Hotel Booking: from n/a through 3.6.
|
|||||