Filtered by CWE-98
Total 986 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-14430 2 Thememove, Wordpress 2 Brook, Wordpress 2026-01-27 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Brook - Agency Business Creative brook allows PHP Local File Inclusion.This issue affects Brook - Agency Business Creative: from n/a through <= 2.8.9.
CVE-2025-22707 2 Thememove, Wordpress 2 Moody, Wordpress 2026-01-27 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Moody tm-moody allows PHP Local File Inclusion.This issue affects Moody: from n/a through <= 2.7.3.
CVE-2025-22708 2 Thememove, Wordpress 2 Mitech, Wordpress 2026-01-27 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Mitech mitech allows PHP Local File Inclusion.This issue affects Mitech: from n/a through <= 2.3.4.
CVE-2025-67934 3 Mikado-themes, Qodeinteractive, Wordpress 3 Wellspring, Wellspring, Wordpress 2026-01-27 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Wellspring wellspring allows PHP Local File Inclusion.This issue affects Wellspring: from n/a through < 2.8.
CVE-2025-58898 2 Ancorathemes, Wordpress 2 Healthhub, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes HealthHub healthhub allows PHP Local File Inclusion.This issue affects HealthHub: from n/a through <= 1.3.0.
CVE-2025-58929 2 Axiomthemes, Wordpress 2 Pantry, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Pantry pantry allows PHP Local File Inclusion.This issue affects Pantry: from n/a through <= 1.4.
CVE-2025-58930 2 Axiomthemes, Wordpress 2 Fitflex, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes FitFlex fitflex allows PHP Local File Inclusion.This issue affects FitFlex: from n/a through <= 1.6.
CVE-2025-58931 2 Axiomthemes, Wordpress 2 Palatio, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Palatio palatio allows PHP Local File Inclusion.This issue affects Palatio: from n/a through <= 1.6.
CVE-2025-58932 2 Axiomthemes, Wordpress 2 Prisma, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Prisma prisma allows PHP Local File Inclusion.This issue affects Prisma: from n/a through <= 1.10.
CVE-2025-58940 2 Axiomthemes, Wordpress 2 Basil, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Basil basil allows PHP Local File Inclusion.This issue affects Basil: from n/a through <= 1.3.12.
CVE-2025-58941 2 Axiomthemes, Wordpress 2 Fabric, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Fabric fabric allows PHP Local File Inclusion.This issue affects Fabric: from n/a through <= 1.5.0.
CVE-2025-58942 2 Axiomthemes, Wordpress 2 Dwell, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Dwell dwell allows PHP Local File Inclusion.This issue affects Dwell: from n/a through <= 1.7.0.
CVE-2025-58943 2 Axiomthemes, Wordpress 2 Agricola, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Agricola agricola allows PHP Local File Inclusion.This issue affects Agricola: from n/a through <= 1.1.0.
CVE-2025-58944 2 Axiomthemes, Wordpress 2 Manufactory, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Manufactory manufactory allows PHP Local File Inclusion.This issue affects Manufactory: from n/a through <= 1.4.
CVE-2026-24531 1 Wordpress 1 Wordpress 2026-01-26 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Prowess prowess allows PHP Local File Inclusion.This issue affects Prowess: from n/a through <= 2.3.
CVE-2025-54003 2 Mikado-themes, Wordpress 2 Depot, Wordpress 2026-01-26 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Depot depot allows PHP Local File Inclusion.This issue affects Depot: from n/a through <= 1.16.
CVE-2025-50003 2 Axiomthemes, Wordpress 2 Amuli, Wordpress 2026-01-26 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Amuli amuli allows PHP Local File Inclusion.This issue affects Amuli: from n/a through <= 2.3.0.
CVE-2025-49994 1 Wordpress 1 Wordpress 2026-01-26 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme Athens athens allows PHP Local File Inclusion.This issue affects Athens: from n/a through <= 1.1.6.
CVE-2025-47474 1 Wordpress 1 Wordpress 2026-01-26 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ninetheme Anarkali anarkali allows PHP Local File Inclusion.This issue affects Anarkali: from n/a through <= 1.0.9.
CVE-2026-22401 1 Wordpress 1 Wordpress 2026-01-26 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in pavothemes Freshio freshio allows PHP Local File Inclusion.This issue affects Freshio: from n/a through <= 2.4.2.