CWE-98 CVEs and Security Vulnerabilities

Filtered by CWE-98

Search

Switch to Advanced Search (Beta)

Total 1114 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-28061	2 Themerex, Wordpress	2 Tiger Claw, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Tiger Claw tiger-claw allows PHP Local File Inclusion.This issue affects Tiger Claw: from n/a through <= 1.1.14.
CVE-2026-28062	2 Themerex, Wordpress	2 Happy Baby, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Happy Baby happy-baby allows PHP Local File Inclusion.This issue affects Happy Baby: from n/a through <= 1.2.12.
CVE-2026-28067	2 Themerex, Wordpress	2 Bassein, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Bassein bassein allows PHP Local File Inclusion.This issue affects Bassein: from n/a through <= 1.0.15.
CVE-2026-28088	2 Themerex, Wordpress	2 Aqualots, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Aqualots aqualots allows PHP Local File Inclusion.This issue affects Aqualots: from n/a through <= 1.1.6.
CVE-2026-28091	2 Themerex, Wordpress	2 Coleo, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Coleo coleo allows PHP Local File Inclusion.This issue affects Coleo: from n/a through <= 1.1.7.
CVE-2026-28093	2 Themerex, Wordpress	2 Ozisti, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Ozisti ozisti allows PHP Local File Inclusion.This issue affects Ozisti: from n/a through <= 1.1.10.
CVE-2026-28094	2 Themerex, Wordpress	2 Rexcoin, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX RexCoin rexcoin allows PHP Local File Inclusion.This issue affects RexCoin: from n/a through <= 1.2.6.
CVE-2026-28095	2 Themerex, Wordpress	2 Marcell, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Marcell marcell allows PHP Local File Inclusion.This issue affects Marcell: from n/a through <= 1.2.14.
CVE-2026-28096	2 Themerex, Wordpress	2 Wealthco, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX WealthCo wealthco allows PHP Local File Inclusion.This issue affects WealthCo: from n/a through <= 2.18.
CVE-2026-28097	2 Themerex, Wordpress	2 Artrium, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Artrium artrium allows PHP Local File Inclusion.This issue affects Artrium: from n/a through <= 1.0.14.
CVE-2026-28117	2 Axiomthemes, Wordpress	2 Smart Seo, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes smart SEO smartSEO allows PHP Local File Inclusion.This issue affects smart SEO: from n/a through <= 2.9.
CVE-2026-28123	2 Ancorathemes, Wordpress	2 Veil, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Veil veil allows PHP Local File Inclusion.This issue affects Veil: from n/a through <= 1.9.
CVE-2026-28125	2 Ancorathemes, Wordpress	2 Midi, Wordpress	2026-04-16	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Midi midi allows PHP Local File Inclusion.This issue affects Midi: from n/a through <= 1.14.
CVE-2026-23975	2 Uxper, Wordpress	2 Golo, Wordpress	2026-04-16	9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in uxper Golo golo allows PHP Local File Inclusion.This issue affects Golo: from n/a through < 1.7.5.
CVE-2026-23978	1 Wordpress	1 Wordpress	2026-04-16	9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Softwebmedia Gyan Elements gyan-elements allows PHP Local File Inclusion.This issue affects Gyan Elements: from n/a through <= 2.2.1.
CVE-2026-24390	3 Elementor, Qantumthemes, Wordpress	3 Elementor, Kentha Elementor Widgets, Wordpress	2026-04-16	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in QantumThemes Kentha Elementor Widgets kentha-elementor allows PHP Local File Inclusion.This issue affects Kentha Elementor Widgets: from n/a through < 3.1.
CVE-2026-24609	1 Wordpress	1 Wordpress	2026-04-16	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Laurent laurent allows PHP Local File Inclusion.This issue affects Laurent: from n/a through <= 3.1.
CVE-2026-27326	2 Axiomthemes, Wordpress	2 Ac Services \| Hvac, Air Conditioning & Heating Company Wordpress Theme, Wordpress	2026-04-15	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes AC Services \| HVAC, Air Conditioning & Heating Company WordPress Theme window-ac-services allows PHP Local File Inclusion.This issue affects AC Services \| HVAC, Air Conditioning & Heating Company WordPress Theme: from n/a through <= 1.2.5.
CVE-2026-27339	2 Ancorathemes, Wordpress	2 Buzz Stone \| Magazine & Viral Blog Wordpress Theme, Wordpress	2026-04-15	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Buzz Stone \| Magazine & Viral Blog WordPress Theme buzzstone allows PHP Local File Inclusion.This issue affects Buzz Stone \| Magazine & Viral Blog WordPress Theme: from n/a through <= 1.0.2.
CVE-2026-27341	2 Mikado-themes, Wordpress	2 Topscorer - Sports Wordpress Theme, Wordpress	2026-04-15	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes TopScorer - Sports WordPress Theme topscorer allows PHP Local File Inclusion.This issue affects TopScorer - Sports WordPress Theme: from n/a through <= 1.2.

« first previous Page 9 of 56. next last »