Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-98
Total 380 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-39494 2025-05-23 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Wilmër allows PHP Local File Inclusion. This issue affects Wilmër: from n/a through n/a.
CVE-2025-32309 2025-05-23 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Healsoul allows PHP Local File Inclusion. This issue affects Healsoul: from n/a through 2.0.2.
CVE-2025-47670 2025-05-23 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in miniOrange WordPress Social Login and Register allows PHP Local File Inclusion. This issue affects WordPress Social Login and Register: from n/a through 7.6.10.
CVE-2025-31064 2025-05-23 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Vizeon - Business Consulting allows PHP Local File Inclusion. This issue affects Vizeon - Business Consulting: from n/a through 1.1.7.
CVE-2025-32289 2025-05-23 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme Yozi allows PHP Local File Inclusion. This issue affects Yozi: from n/a through 2.0.52.
CVE-2025-47672 2025-05-23 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in miniOrange miniOrange Discord Integration allows PHP Local File Inclusion. This issue affects miniOrange Discord Integration: from n/a through 2.2.2.
CVE-2025-39506 2025-05-23 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NasaTheme Nasa Core allows PHP Local File Inclusion. This issue affects Nasa Core: from n/a through 6.3.2.
CVE-2025-47453 2025-05-23 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Xylus Themes WP Smart Import allows PHP Local File Inclusion. This issue affects WP Smart Import: from n/a through 1.1.3.
CVE-2025-31060 2025-05-23 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme Capie allows PHP Local File Inclusion. This issue affects Capie: from n/a through 1.0.40.
CVE-2025-48292 2025-05-23 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in GoodLayers Tourmaster allows PHP Local File Inclusion. This issue affects Tourmaster: from n/a through 5.3.8.
CVE-2025-46444 2025-05-23 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in scripteo Ads Pro Plugin allows PHP Local File Inclusion. This issue affects Ads Pro Plugin: from n/a through 4.88.
CVE-2025-31632 2025-05-23 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SpyroPress La Boom allows PHP Local File Inclusion. This issue affects La Boom: from n/a through 2.7.
CVE-2025-32294 2025-05-23 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Oxpitan allows PHP Local File Inclusion. This issue affects Oxpitan: from n/a through 1.3.1.
CVE-2025-46454 2025-05-23 N/A 7.5 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in svil4ok Meta Keywords & Description allows PHP Local File Inclusion. This issue affects Meta Keywords & Description: from n/a through 0.8.
CVE-2025-31913 2025-05-23 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme Ogami allows PHP Local File Inclusion. This issue affects Ogami: from n/a through 1.53.
CVE-2025-32286 2025-05-23 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme Butcher allows PHP Local File Inclusion. This issue affects Butcher: from n/a through 2.40.
CVE-2025-31633 2025-05-23 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Kiamo - Responsive Business Service WordPress Theme allows PHP Local File Inclusion. This issue affects Kiamo - Responsive Business Service WordPress Theme: from n/a through 1.3.3.
CVE-2025-39396 2025-05-21 N/A 7.5 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock JetReviews allows PHP Local File Inclusion.This issue affects JetReviews: from n/a through 2.3.6.
CVE-2025-39406 2025-05-21 N/A 9.8 CRITICAL
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in mojoomla WPAMS allows PHP Local File Inclusion.This issue affects WPAMS: from n/a through 44.0.
CVE-2025-39411 2025-05-21 N/A 7.5 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Indie_Plugins WhatsApp Click to Chat Plugin for WordPress.This issue affects WhatsApp Click to Chat Plugin for WordPress: from n/a through 2.2.12.