Total
986 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-30901 | 1 Joomsky | 1 Js Help Desk | 2026-01-23 | N/A | 8.1 HIGH |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Help Desk allows PHP Local File Inclusion. This issue affects JS Help Desk: from n/a through 2.9.2.
|
|||||
| CVE-2025-32146 | 1 Joomsky | 1 Js Job Manager | 2026-01-23 | N/A | 8.8 HIGH |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Job Manager allows PHP Local File Inclusion. This issue affects JS Job Manager: from n/a through 2.0.2.
|
|||||
| CVE-2025-32627 | 1 Joomsky | 1 Js Job Manager | 2026-01-23 | N/A | 8.1 HIGH |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Job Manager allows PHP Local File Inclusion. This issue affects JS Job Manager: from n/a through 2.0.2.
|
|||||
| CVE-2025-68645 | 1 Synacor | 1 Zimbra Collaboration Suite | 2026-01-23 | N/A | 8.8 HIGH |
|
A Local File Inclusion (LFI) vulnerability exists in the Webmail Classic UI of Zimbra Collaboration (ZCS) 10.0 and 10.1 because of improper handling of user-supplied request parameters in the RestFilter servlet. An unauthenticated remote attacker can craft requests to the /h/rest endpoint to influence internal request dispatching, allowing inclusion of arbitrary files from the WebRoot directory.
|
|||||
| CVE-2025-6326 | 2026-01-20 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Inset inset allows PHP Local File Inclusion.This issue affects Inset: from n/a through <= 1.18.0.
|
|||||
| CVE-2025-69356 | 2026-01-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CodexThemes TheGem Theme Elements (for Elementor) thegem-elements-elementor allows PHP Local File Inclusion.This issue affects TheGem Theme Elements (for Elementor): from n/a through <= 5.11.0.
|
|||||
| CVE-2025-69342 | 2026-01-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in VanKarWai Calafate calafate allows PHP Local File Inclusion.This issue affects Calafate: from n/a through <= 1.7.7.
|
|||||
| CVE-2025-69087 | 2026-01-20 | N/A | 8.1 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jwsthemes FreeAgent allows PHP Local File Inclusion.This issue affects FreeAgent: from n/a through 2.1.2.
|
|||||
| CVE-2025-68996 | 2026-01-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows PHP Local File Inclusion.This issue affects Responsive Posts Carousel Pro: from n/a through <= 15.1.
|
|||||
| CVE-2025-68987 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Edge-Themes Cinerama - A WordPress Theme for Movie Studios and Filmmakers cinerama allows PHP Local File Inclusion.This issue affects Cinerama - A WordPress Theme for Movie Studios and Filmmakers: from n/a through <= 2.4.
|
|||||
| CVE-2025-68985 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through <= 1.3.15.
|
|||||
| CVE-2025-68984 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Puca puca allows PHP Local File Inclusion.This issue affects Puca: from n/a through <= 2.6.39.
|
|||||
| CVE-2025-68983 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Greenmart greenmart allows PHP Local File Inclusion.This issue affects Greenmart: from n/a through <= 4.2.11.
|
|||||
| CVE-2025-68974 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in miniOrange WordPress Social Login and Register miniorange-login-openid allows PHP Local File Inclusion.This issue affects WordPress Social Login and Register: from n/a through <= 7.7.0.
|
|||||
| CVE-2025-68877 | 2026-01-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CedCommerce CedCommerce Integration for Good Market allows PHP Local File Inclusion.This issue affects CedCommerce Integration for Good Market: from n/a through 1.0.6.
|
|||||
| CVE-2025-68870 | 2026-01-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in reDim GmbH CookieHint WP allows PHP Local File Inclusion.This issue affects CookieHint WP: from n/a through 1.0.0.
|
|||||
| CVE-2025-68563 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Shuffle Subscribe to Unlock Lite subscribe-to-unlock-lite allows PHP Local File Inclusion.This issue affects Subscribe to Unlock Lite: from n/a through <= 1.3.0.
|
|||||
| CVE-2025-68560 | 2026-01-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CodexThemes TheGem Theme Elements (for Elementor).This issue affects TheGem Theme Elements (for Elementor): from n/a through 5.10.5.1.
|
|||||
| CVE-2025-68546 | 2026-01-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Thembay Nika allows PHP Local File Inclusion.This issue affects Nika: from n/a through 1.2.14.
|
|||||
| CVE-2025-68544 | 2026-01-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Thembay Diza allows PHP Local File Inclusion.This issue affects Diza: from n/a through 1.3.15.
|
|||||
| CVE-2025-68540 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Fana fana allows PHP Local File Inclusion.This issue affects Fana: from n/a through <= 1.1.35.
|
|||||
| CVE-2025-68537 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Zota zota allows PHP Local File Inclusion.This issue affects Zota: from n/a through <= 1.3.14.
|
|||||
| CVE-2025-68530 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in pavothemes Bookory bookory allows PHP Local File Inclusion.This issue affects Bookory: from n/a through <= 2.2.7.
|
|||||
| CVE-2025-68506 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Nawawi Jamili Docket Cache docket-cache allows PHP Local File Inclusion.This issue affects Docket Cache: from n/a through <= 24.07.03.
|
|||||
| CVE-2025-68068 | 2026-01-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Stockholm stockholm allows PHP Local File Inclusion.This issue affects Stockholm: from n/a through <= 9.14.1.
|
|||||
| CVE-2025-68067 | 2026-01-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Stockholm Core stockholm-core allows PHP Local File Inclusion.This issue affects Stockholm Core: from n/a through <= 2.4.6.
|
|||||
| CVE-2025-68066 | 2026-01-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PenciDesign Soledad soledad allows PHP Local File Inclusion.This issue affects Soledad: from n/a through <= 8.7.0.
|
|||||
| CVE-2025-68065 | 2026-01-20 | N/A | 7.5 HIGH | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in LiquidThemes Hub Core hub-core allows PHP Local File Inclusion.This issue affects Hub Core: from n/a through <= 5.0.8.
|
|||||
| CVE-2025-67920 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Neo Ocular neoocular allows PHP Local File Inclusion.This issue affects Neo Ocular: from n/a through < 1.2.
|
|||||
| CVE-2025-67532 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Hara hara allows PHP Local File Inclusion.This issue affects Hara: from n/a through <= 1.2.17.
|
|||||
| CVE-2025-67531 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in trippleS Turitor turitor allows PHP Local File Inclusion.This issue affects Turitor: from n/a through < 1.5.3.
|
|||||
| CVE-2025-67530 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Besa besa allows PHP Local File Inclusion.This issue affects Besa: from n/a through <= 2.3.15.
|
|||||
| CVE-2025-67529 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Opal_WP Fashion fashion2 allows PHP Local File Inclusion.This issue affects Fashion: from n/a through < 5.3.0.
|
|||||
| CVE-2025-67528 | 2026-01-20 | N/A | 5.1 MEDIUM | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Urna urna allows PHP Local File Inclusion.This issue affects Urna: from n/a through <= 2.5.12.
|
|||||
| CVE-2025-67527 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in trippleS Digiqole digiqole allows PHP Local File Inclusion.This issue affects Digiqole: from n/a through < 2.2.7.
|
|||||
| CVE-2025-67526 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThimPress Sailing sailing allows PHP Local File Inclusion.This issue affects Sailing: from n/a through < 4.4.6.
|
|||||
| CVE-2025-67525 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Opal_WP ekommart ekommart allows PHP Local File Inclusion.This issue affects ekommart: from n/a through < 4.3.1.
|
|||||
| CVE-2025-67524 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NooTheme Jobmonster Elementor Addon jobmonster-addon allows PHP Local File Inclusion.This issue affects Jobmonster Elementor Addon: from n/a through <= 1.1.4.
|
|||||
| CVE-2025-67523 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in trippleS Exhibz exhibz allows PHP Local File Inclusion.This issue affects Exhibz: from n/a through <= 3.0.9.
|
|||||
| CVE-2025-67522 | 2026-01-20 | N/A | 9.8 CRITICAL | ||
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NooTheme Jobmonster noo-jobmonster allows PHP Local File Inclusion.This issue affects Jobmonster: from n/a through <= 4.8.2.
|
|||||