Export limit exceeded: 13615 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13615 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-69343 | 2 Jeroen Schmit, Wordpress | 2 Theater For Wordpress, Wordpress | 2026-04-22 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeroen Schmit Theater for WordPress theatre allows Stored XSS.This issue affects Theater for WordPress: from n/a through <= 0.19. | ||||
| CVE-2025-68555 | 2 Wordpress, Zozothemes | 2 Wordpress, Nutrie | 2026-04-22 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Nutrie nutrie allows Upload a Web Shell to a Web Server.This issue affects Nutrie: from n/a through < 2.0.1. | ||||
| CVE-2025-68553 | 2 Wordpress, Zozothemes | 2 Wordpress, Lendiz | 2026-04-22 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Lendiz lendiz allows Upload a Web Shell to a Web Server.This issue affects Lendiz: from n/a through < 2.0.1. | ||||
| CVE-2026-22385 | 2 Don-themes, Wordpress | 2 Wolmart, Wordpress | 2026-04-22 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in don-themes Wolmart wolmart allows PHP Local File Inclusion.This issue affects Wolmart: from n/a through <= 1.9.6. | ||||
| CVE-2026-28021 | 2 Themerex, Wordpress | 2 Craftis, Wordpress | 2026-04-22 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Craftis craftis allows PHP Local File Inclusion.This issue affects Craftis: from n/a through <= 1.2.8. | ||||
| CVE-2026-28019 | 2 Themerex, Wordpress | 2 Manoir, Wordpress | 2026-04-22 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Manoir manoir allows PHP Local File Inclusion.This issue affects Manoir: from n/a through <= 1.11. | ||||
| CVE-2026-28018 | 2 Themerex, Wordpress | 2 Global Logistics, Wordpress | 2026-04-22 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Global Logistics globallogistics allows PHP Local File Inclusion.This issue affects Global Logistics: from n/a through <= 3.20. | ||||
| CVE-2026-28011 | 2 Themerex, Wordpress | 2 Yottis, Wordpress | 2026-04-22 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Yottis yottis allows PHP Local File Inclusion.This issue affects Yottis: from n/a through <= 1.0.10. | ||||
| CVE-2026-27326 | 2 Axiomthemes, Wordpress | 2 Ac Services | Hvac, Air Conditioning & Heating Company Wordpress Theme, Wordpress | 2026-04-22 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme window-ac-services allows PHP Local File Inclusion.This issue affects AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme: from n/a through <= 1.2.5. | ||||
| CVE-2026-27332 | 2 Skygroup, Wordpress | 2 Agrofood, Wordpress | 2026-04-22 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Agrofood agrofood allows Reflected XSS.This issue affects Agrofood: from n/a through < 1.4.0. | ||||
| CVE-2026-27334 | 2 Dan Fisher, Wordpress | 2 Alchemists, Wordpress | 2026-04-22 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in dan_fisher Alchemists alchemists allows PHP Local File Inclusion.This issue affects Alchemists: from n/a through <= 4.6.0. | ||||
| CVE-2026-22387 | 2 Mikado-themes, Wordpress | 2 Aviana, Wordpress | 2026-04-22 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Aviana aviana allows PHP Local File Inclusion.This issue affects Aviana: from n/a through <= 2.1. | ||||
| CVE-2026-28010 | 2 Themerex, Wordpress | 2 Scientia, Wordpress | 2026-04-22 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Scientia scientia allows PHP Local File Inclusion.This issue affects Scientia: from n/a through <= 1.2.4. | ||||
| CVE-2026-27993 | 2 Themerex, Wordpress | 2 Aldo, Wordpress | 2026-04-22 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Aldo aldo allows PHP Local File Inclusion.This issue affects Aldo: from n/a through <= 1.0.10. | ||||
| CVE-2026-27990 | 2 Themerex, Wordpress | 2 Confix, Wordpress | 2026-04-22 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX ConFix confix allows PHP Local File Inclusion.This issue affects ConFix: from n/a through <= 1.013. | ||||
| CVE-2026-27986 | 2 Themerex, Wordpress | 2 Ostende, Wordpress | 2026-04-22 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX OsTende ostende allows PHP Local File Inclusion.This issue affects OsTende: from n/a through <= 1.4.3. | ||||
| CVE-2026-27340 | 2 Ancorathemes, Wordpress | 2 Apollo | Night Club, Dj Event Wordpress Theme, Wordpress | 2026-04-22 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Apollo | Night Club, DJ Event WordPress Theme apollo allows PHP Local File Inclusion.This issue affects Apollo | Night Club, DJ Event WordPress Theme: from n/a through <= 1.3.1. | ||||
| CVE-2026-27342 | 2 Mikado-themes, Wordpress | 2 Topfit - Fitness And Gym Wordpress Theme, Wordpress | 2026-04-22 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes TopFit - Fitness and Gym WordPress Theme topfit allows PHP Local File Inclusion.This issue affects TopFit - Fitness and Gym WordPress Theme: from n/a through <= 1.9. | ||||
| CVE-2026-27439 | 2 Themerex, Wordpress | 2 Dentario, Wordpress | 2026-04-22 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in ThemeREX Dentario dentario allows Object Injection.This issue affects Dentario: from n/a through <= 1.5. | ||||
| CVE-2026-27437 | 2 Themerex, Wordpress | 2 Tennis Club, Wordpress | 2026-04-22 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in ThemeREX Tennis Club tennis-sportclub allows Object Injection.This issue affects Tennis Club: from n/a through <= 1.2.3. | ||||