Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
2 CRITICAL18 HIGH
CVE-2025-49383
HIGH CVSS 8.1
Find Similar
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CocoBasic Neresa neresa-wp allows PHP Local File Inclusion.This issue affects N
NVD RRF 0.010
CVE-2025-26933
HIGH CVSS 7.5
Find Similar
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Nitin Prakash WC Place Order Without Payment wc-place-order-without-payment all
NVD RRF 0.010
CVE-2024-9669
HIGH CVSS 7.2
Find Similar
The File Manager Pro – Filester plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 1.8.5 via the 'fm_locale' parameter. This makes it possible
ninjateam
NVD RRF 0.010
CVE-2025-69090
HIGH CVSS 8.1
Find Similar
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme Remons remons allows PHP Local File Inclusion.This issue affects Remon
NVD RRF 0.010
CVE-2026-28118
HIGH CVSS 8.1
Find Similar
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Welldone welldone allows PHP Local File Inclusion.This issue affect
NVD RRF 0.010
CVE-2025-53227
HIGH CVSS 8.1
Find Similar
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Magazine Saga magazine-saga allows PHP Local File Inclusion.This issue
NVD RRF 0.009
CVE-2026-2448
HIGH CVSS 8.8
Find Similar
The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.33.5 via the locate_template() function. This makes it possible for au
NVD RRF 0.009
CVE-2025-10686
HIGH CVSS 7.2
Find Similar
The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, with editor-level access and above, to include a
NVD RRF 0.009
CVE-2025-12497
HIGH CVSS 8.1
Find Similar
The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.3.10 via the 'args[extra_template_path]' parameter. Th
NVD RRF 0.009
CVE-2025-2294
CRITICAL CVSS 9.8
Find Similar
The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.1 via thekubio_hybrid_theme_load_template function. This makes it possibl
NVD RRF 0.009
CVE-2024-9193
CRITICAL CVSS 9.8
Find Similar
The WHMpress - WHMCS WordPress Integration Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 6.3-revision-0 via the whmpress_domain_search_ajax_ex
whmpress
NVD RRF 0.009
CVE-2026-22421
HIGH CVSS 8.1
Find Similar
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Quantum quantum allows PHP Local File Inclusion.This issue affects
NVD RRF 0.009
CVE-2018-25329
HIGH CVSS 8.7
Find Similar
WordPress Plugin WP with Spritz 1.0 contains a remote file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting file paths into the url parameter. Attacke
NVD RRF 0.009
CVE-2025-60126
HIGH CVSS 8.8
Find Similar
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PluginOps Testimonial Slider testimonial-add allows PHP Local File Inclusion.Th
NVD RRF 0.009
CVE-2024-12040
HIGH CVSS 8.8
Find Similar
The Product Carousel Slider & Grid Ultimate for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9.10 via the 'theme' attribute of the `wc
NVD RRF 0.009
CVE-2025-47693
HIGH CVSS 7.5
Find Similar
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in roninwp FAT Services Booking fat-services-booking allows PHP Local File Inclusi
NVD RRF 0.009
CVE-2025-31064
HIGH CVSS 8.1
Find Similar
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Vizeon - Business Consulting vizeon allows PHP Local File Inclusion.This
NVD RRF 0.009
CVE-2026-28123
HIGH CVSS 8.1
Find Similar
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Veil veil allows PHP Local File Inclusion.This issue affects Veil:
NVD RRF 0.008
CVE-2025-49278
HIGH CVSS 8.1
Find Similar
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogty blogty allows PHP Local File Inclusion.This issue affects Blogt
NVD RRF 0.008
CVE-2025-9874
HIGH CVSS 7.5
Find Similar
The Ultimate Classified Listings plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6 via the 'uclwp_dashboard' shortcode. This makes it possible for au
NVD RRF 0.008
← Previous Page 3+ Next →