Filtered by CWE-98
Filtered by vendor Subscriptions
Total 1114 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-46454 2026-04-28 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in svil4ok Meta Keywords & Description wp-meta-keywords-meta-description allows PHP Local File Inclusion.This issue affects Meta Keywords & Description: from n/a through <= 0.8.
CVE-2025-39468 1 Wordpress 1 Wordpress 2026-04-28 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in pantherius Modal Survey modal-survey.This issue affects Modal Survey: from n/a through <= 2.0.2.0.1.
CVE-2026-24538 2 Omnipressteam, Wordpress 2 Omnipress, Wordpress 2026-04-28 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in omnipressteam Omnipress omnipress allows PHP Local File Inclusion.This issue affects Omnipress: from n/a through <= 1.6.7.
CVE-2026-28123 2 Ancorathemes, Wordpress 2 Veil, Wordpress 2026-04-28 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Veil veil allows PHP Local File Inclusion.This issue affects Veil: from n/a through <= 1.9.
CVE-2025-69039 1 Wordpress 1 Wordpress 2026-04-27 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Bailly bailly allows PHP Local File Inclusion.This issue affects Bailly: from n/a through <= 1.3.4.
CVE-2025-69043 1 Wordpress 1 Wordpress 2026-04-27 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Rashy rashy allows PHP Local File Inclusion.This issue affects Rashy: from n/a through <= 1.1.3.
CVE-2025-69042 1 Wordpress 1 Wordpress 2026-04-27 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Lindo lindo allows PHP Local File Inclusion.This issue affects Lindo: from n/a through <= 1.2.5.
CVE-2025-69040 1 Wordpress 1 Wordpress 2026-04-27 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Bfres bfres allows PHP Local File Inclusion.This issue affects Bfres: from n/a through <= 1.2.1.
CVE-2025-49994 1 Wordpress 1 Wordpress 2026-04-27 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme Athens athens allows PHP Local File Inclusion.This issue affects Athens: from n/a through <= 1.1.6.
CVE-2025-49935 2 Wordpress, Xtemos 2 Wordpress, Woodmart 2026-04-27 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in xtemos WoodMart woodmart allows PHP Local File Inclusion.This issue affects WoodMart: from n/a through < 8.3.2.
CVE-2025-49921 1 Wordpress 1 Wordpress 2026-04-27 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock JetReviews jet-reviews allows PHP Local File Inclusion.This issue affects JetReviews: from n/a through <= 3.0.0.
CVE-2025-48338 2 Kevonadonis, Wordpress 2 Wp Abstracts, Wordpress 2026-04-27 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Kevon Adonis WP Abstracts wp-abstracts-manuscripts-manager allows PHP Local File Inclusion.This issue affects WP Abstracts: from n/a through <= 2.7.4.
CVE-2025-48330 1 Wordpress 1 Wordpress 2026-04-27 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Daman Jeet Real Time Validation for Gravity Forms real-time-validation-for-gravity-forms allows PHP Local File Inclusion.This issue affects Real Time Validation for Gravity Forms: from n/a through <= 1.7.0.
CVE-2025-48290 2 Bslthemes, Wordpress 2 Kinsley, Wordpress 2026-04-27 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in bslthemes Kinsley kinsley allows PHP Local File Inclusion.This issue affects Kinsley: from n/a through <= 3.4.4.
CVE-2025-58967 2 Thememove, Wordpress 2 Businext, Wordpress 2026-04-27 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Businext businext allows PHP Local File Inclusion.This issue affects Businext: from n/a through < 2.4.4.
CVE-2025-58958 2 Thememove, Wordpress 2 Smilepure, Wordpress 2026-04-27 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove SmilePure smilepure allows PHP Local File Inclusion.This issue affects SmilePure: from n/a through < 1.8.5.
CVE-2025-58946 2 Axiomthemes, Wordpress 2 Vocal, Wordpress 2026-04-27 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Vocal vocal allows PHP Local File Inclusion.This issue affects Vocal: from n/a through <= 1.12.
CVE-2025-58947 2 Axiomthemes, Wordpress 2 Athos, Wordpress 2026-04-27 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Athos athos allows PHP Local File Inclusion.This issue affects Athos: from n/a through <= 1.9.
CVE-2025-58945 2 Axiomthemes, Wordpress 2 Ecogrow, Wordpress 2026-04-27 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes EcoGrow ecogrow allows PHP Local File Inclusion.This issue affects EcoGrow: from n/a through <= 1.7.
CVE-2025-58944 2 Axiomthemes, Wordpress 2 Manufactory, Wordpress 2026-04-27 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Manufactory manufactory allows PHP Local File Inclusion.This issue affects Manufactory: from n/a through <= 1.4.