CWE-98 CVEs and Security Vulnerabilities

Filtered by CWE-98

Search

Switch to Advanced Search (Beta)

Total 1113 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-27992	2 Themerex, Wordpress	2 Meals & Wheels, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Meals & Wheels meals-wheels allows PHP Local File Inclusion.This issue affects Meals & Wheels: from n/a through <= 1.1.12.
CVE-2026-28007	2 Themerex, Wordpress	2 Coinpress, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Coinpress coinpress allows PHP Local File Inclusion.This issue affects Coinpress: from n/a through <= 1.0.14.
CVE-2026-28010	2 Themerex, Wordpress	2 Scientia, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Scientia scientia allows PHP Local File Inclusion.This issue affects Scientia: from n/a through <= 1.2.4.
CVE-2026-28014	2 Themerex, Wordpress	2 Translogic, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Translogic translogic allows PHP Local File Inclusion.This issue affects Translogic: from n/a through <= 1.2.11.
CVE-2026-28015	2 Themerex, Wordpress	2 Shiftcv, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX ShiftCV shift-cv allows PHP Local File Inclusion.This issue affects ShiftCV: from n/a through <= 3.0.14.
CVE-2026-28017	2 Themerex, Wordpress	2 Green Thumb, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Green Thumb greenthumb allows PHP Local File Inclusion.This issue affects Green Thumb: from n/a through <= 1.1.12.
CVE-2026-28031	2 Themerex, Wordpress	2 Invetex, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Invetex invetex allows PHP Local File Inclusion.This issue affects Invetex: from n/a through <= 2.18.
CVE-2026-28035	2 Themerex, Wordpress	2 Printy, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Printy printy allows PHP Local File Inclusion.This issue affects Printy: from n/a through <= 1.8.
CVE-2026-28045	2 Themerex, Wordpress	2 N7 \| Golf Club Sports & Events, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX N7 \| Golf Club Sports & Events n7-golf-club allows PHP Local File Inclusion.This issue affects N7 \| Golf Club Sports & Events: from n/a through <= 2.16.0.
CVE-2026-28047	2 Magentech, Wordpress	2 Victo, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magentech Victo victo allows PHP Local File Inclusion.This issue affects Victo: from n/a through <= 1.4.16.
CVE-2026-28077	2 Themerex, Wordpress	2 Vapester, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Vapester vapester allows PHP Local File Inclusion.This issue affects Vapester: from n/a through <= 1.1.10.
CVE-2026-28084	2 Themerex, Wordpress	2 Bazinga, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Bazinga bazinga allows PHP Local File Inclusion.This issue affects Bazinga: from n/a through <= 1.1.9.
CVE-2026-28107	2 Themerex, Wordpress	2 Muzicon, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Muzicon muzicon allows PHP Local File Inclusion.This issue affects Muzicon: from n/a through <= 1.9.0.
CVE-2026-24531	1 Wordpress	1 Wordpress	2026-04-16	9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Prowess prowess allows PHP Local File Inclusion.This issue affects Prowess: from n/a through <= 2.3.
CVE-2026-24608	1 Wordpress	1 Wordpress	2026-04-16	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Laurent Core laurent-core allows PHP Local File Inclusion.This issue affects Laurent Core: from n/a through <= 2.4.1.
CVE-2026-24635	1 Wordpress	1 Wordpress	2026-04-16	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in DevsBlink EduBlink Core edublink-core allows PHP Local File Inclusion.This issue affects EduBlink Core: from n/a through <= 2.0.7.
CVE-2026-27052	2 Villatheme, Wordpress	2 Sales Countdown Timer For Woocommerce And Wordpress, Wordpress	2026-04-16	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in villatheme Sales Countdown Timer for WooCommerce and WordPress sctv-sales-countdown-timer allows PHP Local File Inclusion.This issue affects Sales Countdown Timer for WooCommerce and WordPress: from n/a through < 1.1.9.
CVE-2026-27343	2 Vankarwai, Wordpress	2 Airtifact, Wordpress	2026-04-16	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in VanKarWai Airtifact airtifact allows PHP Local File Inclusion.This issue affects Airtifact: from n/a through <= 1.2.91.
CVE-2026-22344	2 Mikado-themes, Wordpress	2 Fivestar, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes FiveStar fivestar allows PHP Local File Inclusion.This issue affects FiveStar: from n/a through <= 1.7.
CVE-2026-22367	2 Ancorathemes, Wordpress	2 Coworking, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Coworking coworking allows PHP Local File Inclusion.This issue affects Coworking: from n/a through <= 1.6.1.

« first previous Page 4 of 56. next last »