Filtered by vendor Wordpress
Subscriptions
Total
10417 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-58885 | 2 Ancorathemes, Wordpress | 2 Pathfinder, Wordpress | 2026-01-29 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Pathfinder pathfinder allows PHP Local File Inclusion.This issue affects Pathfinder: from n/a through <= 1.16. | ||||
| CVE-2025-58888 | 2 Ancorathemes, Wordpress | 2 Theflash, Wordpress | 2026-01-29 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes The Flash theflash allows PHP Local File Inclusion.This issue affects The Flash: from n/a through <= 1.15. | ||||
| CVE-2025-58889 | 2 Axiomthemes, Wordpress | 2 Towny, Wordpress | 2026-01-29 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Towny towny allows PHP Local File Inclusion.This issue affects Towny: from n/a through <= 1.16. | ||||
| CVE-2025-58890 | 2 Ancorathemes, Wordpress | 2 Playful, Wordpress | 2026-01-29 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Playful playful allows PHP Local File Inclusion.This issue affects Playful: from n/a through <= 1.19.0. | ||||
| CVE-2025-58891 | 2 Ancorathemes, Wordpress | 2 Sanger, Wordpress | 2026-01-29 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Sanger sanger allows PHP Local File Inclusion.This issue affects Sanger: from n/a through <= 1.24.0. | ||||
| CVE-2025-58892 | 2 Ancorathemes, Wordpress | 2 Tourimo, Wordpress | 2026-01-29 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Tourimo tourimo allows PHP Local File Inclusion.This issue affects Tourimo: from n/a through <= 1.2.3. | ||||
| CVE-2025-58893 | 2 Axiomthemes, Wordpress | 2 Alright, Wordpress | 2026-01-29 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Alright alright allows PHP Local File Inclusion.This issue affects Alright: from n/a through <= 1.6.1. | ||||
| CVE-2025-58894 | 2 Axiomthemes, Wordpress | 2 Good Mood, Wordpress | 2026-01-29 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Good Mood good-mood allows PHP Local File Inclusion.This issue affects Good Mood: from n/a through <= 1.16. | ||||
| CVE-2025-58895 | 2 Ancorathemes, Wordpress | 2 Integro, Wordpress | 2026-01-29 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Integro integro allows PHP Local File Inclusion.This issue affects Integro: from n/a through <= 1.8.0. | ||||
| CVE-2025-58896 | 2 Ancorathemes, Wordpress | 2 Otaku, Wordpress | 2026-01-29 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Otaku otaku allows PHP Local File Inclusion.This issue affects Otaku: from n/a through <= 1.8.0. | ||||
| CVE-2025-68913 | 1 Wordpress | 1 Wordpress | 2026-01-29 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in zozothemes Miion miion allows PHP Local File Inclusion.This issue affects Miion: from n/a through <= 1.2.7. | ||||
| CVE-2025-39467 | 3 Mikado-themes, Qodeinteractive, Wordpress | 3 Wanderland, Wanderland, Wordpress | 2026-01-29 | 9.8 Critical |
| Path Traversal: '.../...//' vulnerability in Mikado-Themes Wanderland wanderland allows PHP Local File Inclusion.This issue affects Wanderland: from n/a through <= 1.7.1. | ||||
| CVE-2025-64224 | 2 Themegoods, Wordpress | 2 Grand Conference, Wordpress | 2026-01-29 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Conference Theme Custom Post Type grandconference-custom-post allows Reflected XSS.This issue affects Grand Conference Theme Custom Post Type: from n/a through < 2.6.4. | ||||
| CVE-2025-58958 | 2 Thememove, Wordpress | 2 Smilepure, Wordpress | 2026-01-29 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove SmilePure smilepure allows PHP Local File Inclusion.This issue affects SmilePure: from n/a through < 1.8.5. | ||||
| CVE-2025-58967 | 2 Thememove, Wordpress | 2 Businext, Wordpress | 2026-01-29 | 8.2 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Businext businext allows PHP Local File Inclusion.This issue affects Businext: from n/a through < 2.4.4. | ||||
| CVE-2025-59555 | 2 Thememove, Wordpress | 2 Medizin, Wordpress | 2026-01-29 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Medizin medizin allows PHP Local File Inclusion.This issue affects Medizin: from n/a through < 1.9.7. | ||||
| CVE-2025-59558 | 2 Thememove, Wordpress | 2 Billey, Wordpress | 2026-01-29 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Billey billey allows PHP Local File Inclusion.This issue affects Billey: from n/a through < 2.1.6. | ||||
| CVE-2025-59564 | 2 Thememove, Wordpress | 2 Edumall, Wordpress | 2026-01-29 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove EduMall edumall allows PHP Local File Inclusion.This issue affects EduMall: from n/a through < 4.4.5. | ||||
| CVE-2025-67958 | 3 Taxcloud, Woocommerce, Wordpress | 3 Taxcloud For Woocommerce, Woocommerce, Wordpress | 2026-01-29 | 6.5 Medium |
| Missing Authorization vulnerability in Taxcloud TaxCloud for WooCommerce simple-sales-tax allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TaxCloud for WooCommerce: from n/a through <= 8.3.8. | ||||
| CVE-2025-67952 | 2 Themegoods, Wordpress | 2 Grand Tour, Wordpress | 2026-01-29 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Tour grandtour allows Reflected XSS.This issue affects Grand Tour: from n/a through < 5.6.2. | ||||