Total
986 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-32654 | 2025-04-11 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Stylemix Motors allows PHP Local File Inclusion. This issue affects Motors: from n/a through 1.4.65.
|
|||||
| CVE-2025-31040 | 2025-04-11 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound WP Food ordering and Restaurant Menu allows PHP Local File Inclusion. This issue affects WP Food ordering and Restaurant Menu: from n/a through 1.1.
|
|||||
| CVE-2025-32668 | 2025-04-11 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Rameez Iqbal Real Estate Manager allows PHP Local File Inclusion. This issue affects Real Estate Manager: from n/a through 7.3.
|
|||||
| CVE-2025-32589 | 2025-04-11 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in odude Flexi – Guest Submit allows PHP Local File Inclusion. This issue affects Flexi – Guest Submit: from n/a through 4.28.
|
|||||
| CVE-2025-31014 | 2025-04-11 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ho3einie Material Dashboard allows PHP Local File Inclusion. This issue affects Material Dashboard: from n/a through 1.4.5.
|
|||||
| CVE-2024-36569 | 1 Mayurik | 1 Gas Agency Management System | 2025-04-11 | N/A | 8.1 HIGH |
|
Sourcecodester Gas Agency Management System v1.0 is vulnerable to arbitrary code execution via editClientImage.php.
|
|||||
| CVE-2025-32692 | 2025-04-09 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Shuffle WP Subscription Forms allows PHP Local File Inclusion. This issue affects WP Subscription Forms: from n/a through 1.2.4.
|
|||||
| CVE-2025-32499 | 2025-04-09 | N/A | 6.5 MEDIUM | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpWax Logo Showcase Ultimate allows PHP Local File Inclusion. This issue affects Logo Showcase Ultimate: from n/a through 1.4.4.
|
|||||
| CVE-2025-31098 | 2025-04-07 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in debounce DeBounce Email Validator allows PHP Local File Inclusion. This issue affects DeBounce Email Validator: from n/a through 5.7.
|
|||||
| CVE-2025-32157 | 2025-04-07 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Jakub Glos Sparkle Elementor Kit allows PHP Local File Inclusion. This issue affects Sparkle Elementor Kit: from n/a through 2.0.9.
|
|||||
| CVE-2025-32159 | 2025-04-07 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Radius Blocks allows PHP Local File Inclusion. This issue affects Radius Blocks: from n/a through 2.2.1.
|
|||||
| CVE-2025-32153 | 2025-04-07 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in vinagecko VG WooCarousel allows PHP Local File Inclusion. This issue affects VG WooCarousel: from n/a through 1.3.
|
|||||
| CVE-2025-32141 | 2025-04-07 | N/A | 8.8 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Stylemix MasterStudy LMS allows PHP Local File Inclusion. This issue affects MasterStudy LMS: from n/a through 3.5.23.
|
|||||
| CVE-2025-32155 | 2025-04-07 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in markkinchin Beds24 Online Booking allows PHP Local File Inclusion. This issue affects Beds24 Online Booking: from n/a through 2.0.26.
|
|||||
| CVE-2025-32156 | 2025-04-07 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Alex Prokopenko / JustCoded Just Post Preview Widget allows PHP Local File Inclusion. This issue affects Just Post Preview Widget: from n/a through 1.1.1.
|
|||||
| CVE-2025-32150 | 2025-04-07 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Rameez Iqbal Real Estate Manager allows PHP Local File Inclusion. This issue affects Real Estate Manager: from n/a through 7.3.
|
|||||
| CVE-2025-32142 | 2025-04-07 | N/A | 8.8 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Stylemix Motors allows PHP Local File Inclusion. This issue affects Motors: from n/a through 1.4.65.
|
|||||
| CVE-2025-31405 | 2025-04-07 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in zankover Fami WooCommerce Compare allows PHP Local File Inclusion.This issue affects Fami WooCommerce Compare: from n/a through 1.0.5.
|
|||||
| CVE-2025-31082 | 2025-04-02 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in InfornWeb News & Blog Designer Pack allows PHP Local File Inclusion. This issue affects News & Blog Designer Pack: from n/a through 4.0.
|
|||||
| CVE-2025-31097 | 2025-04-02 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ho3einie Material Dashboard allows PHP Local File Inclusion. This issue affects Material Dashboard: from n/a through 1.4.5.
|
|||||
| CVE-2025-26137 | 1 Systemic-rm | 1 Risk Value | 2025-04-01 | N/A | 7.5 HIGH |
|
Systemic Risk Value <=2.8.0 is vulnerable to Local File Inclusion via /GetFile.aspx?ReportUrl=. An unauthenticated attacker can exploit this issue to read arbitrary system files by supplying a crafted file path, potentially exposing sensitive information.
|
|||||
| CVE-2025-30835 | 2025-04-01 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Bastien Ho Accounting for WooCommerce allows PHP Local File Inclusion. This issue affects Accounting for WooCommerce: from n/a through 1.6.8.
|
|||||
| CVE-2025-31016 | 2025-04-01 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock JetWooBuilder allows PHP Local File Inclusion.This issue affects JetWooBuilder: from n/a through 2.1.18.
|
|||||
| CVE-2025-31387 | 2025-04-01 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in InstaWP InstaWP Connect allows PHP Local File Inclusion. This issue affects InstaWP Connect: from n/a through 0.1.0.82.
|
|||||
| CVE-2025-30782 | 2025-04-01 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Shuffle Subscribe to Download Lite allows PHP Local File Inclusion. This issue affects Subscribe to Download Lite: from n/a through 1.2.9.
|
|||||
| CVE-2025-31432 | 2025-03-28 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Chop Chop Pop-Up Chop Chop allows PHP Local File Inclusion. This issue affects Pop-Up Chop Chop: from n/a through 2.1.7.
|
|||||
| CVE-2025-26890 | 2025-03-28 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PluginUs.Net HUSKY allows PHP Local File Inclusion.This issue affects HUSKY: from n/a through 1.3.6.4.
|
|||||
| CVE-2025-1771 | 1 Shinecommerce | 1 Traveler | 2025-03-28 | N/A | 9.8 CRITICAL |
|
The Traveler theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.8 via the 'hotel_alone_load_more_post' function 'style' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included.
|
|||||
| CVE-2025-23937 | 2025-03-27 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound LinkedIn Lite allows PHP Local File Inclusion. This issue affects LinkedIn Lite: from n/a through 1.0.
|
|||||
| CVE-2025-30785 | 2025-03-27 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Shuffle Subscribe to Download Lite allows PHP Local File Inclusion. This issue affects Subscribe to Download Lite: from n/a through 1.2.9.
|
|||||
| CVE-2025-26986 | 2025-03-27 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in StylemixThemes Pearl - Corporate Business allows PHP Local File Inclusion.This issue affects Pearl - Corporate Business: from n/a before 3.4.8.
|
|||||
| CVE-2025-27015 | 2025-03-27 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in designingmedia Hostiko allows PHP Local File Inclusion.This issue affects Hostiko: from n/a before 30.1.
|
|||||
| CVE-2025-23952 | 2025-03-27 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ntm custom-field-list-widget allows PHP Local File Inclusion. This issue affects custom-field-list-widget: from n/a through 1.5.1.
|
|||||
| CVE-2025-24690 | 2025-03-27 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Michele Giorgi Formality allows PHP Local File Inclusion. This issue affects Formality: from n/a through 1.5.7.
|
|||||
| CVE-2025-28916 | 2025-03-27 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound Docpro allows PHP Local File Inclusion. This issue affects Docpro: from n/a through 2.0.1.
|
|||||
| CVE-2025-30890 | 2025-03-27 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SuitePlugins Login Widget for Ultimate Member allows PHP Local File Inclusion. This issue affects Login Widget for Ultimate Member: from n/a through 1.1.2.
|
|||||
| CVE-2025-30829 | 2025-03-27 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Themewinter WPCafe allows PHP Local File Inclusion. This issue affects WPCafe: from n/a through 2.2.31.
|
|||||
| CVE-2025-30831 | 2025-03-27 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themifyme Themify Event Post allows PHP Local File Inclusion. This issue affects Themify Event Post: from n/a through 1.3.2.
|
|||||
| CVE-2025-30820 | 2025-03-27 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in HT Plugins WishSuite allows PHP Local File Inclusion. This issue affects WishSuite: from n/a through 1.4.4.
|
|||||
| CVE-2025-30891 | 2025-03-27 | N/A | 8.8 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magepeopleteam WpTravelly allows PHP Local File Inclusion. This issue affects WpTravelly: from n/a through 1.8.7.
|
|||||