8.1
CVE-2026-28053 - WordPress Miller theme <= 1.3.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Miller christine-miller allows PHP Local File Inclusion.This issue affects Miller: from n/a through <= 1.3.3.
8.1
CVE-2026-28052 - WordPress Peter Mason theme <= 1.4.5 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Peter Mason petermason allows PHP Local File Inclusion.This issue affects Peter Mason: from n/a through <= 1.4.5.
8.1
CVE-2026-28051 - WordPress Yacht Rental theme <= 2.6 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Yacht Rental yacht-rental allows PHP Local File Inclusion.This issue affects Yacht Rental: from n/a through <= 2.6.
8.1
CVE-2026-28050 - WordPress Beacon theme <= 2.24 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Beacon beacon allows PHP Local File Inclusion.This issue affects Beacon: from n/a through <= 2.24.
8.1
CVE-2026-28049 - WordPress Police Department theme <= 2.17 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Police Department police-department allows PHP Local File Inclusion.This issue affects Police Department: from n/a through <= 2.17.
8.1
CVE-2026-28048 - WordPress FlashMart theme <= 2.0.15 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magentech FlashMart flashmart allows PHP Local File Inclusion.This issue affects FlashMart: from n/a through <= 2.0.15.
8.1
CVE-2026-28047 - WordPress Victo theme <= 1.4.16 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magentech Victo victo allows PHP Local File Inclusion.This issue affects Victo: from n/a through <= 1.4.16.
8.1
CVE-2026-28046 - WordPress Law Office theme <= 3.3.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Law Office law-office allows PHP Local File Inclusion.This issue affects Law Office: from n/a through <= 3.3.0.
8.1
CVE-2026-28045 - WordPress N7 | Golf Club Sports & Events theme <= 2.16.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX N7 | Golf Club Sports & Events n7-golf-club allows PHP Local File Inclusion.This issue affects N7 | Golf Club Sports & Events: from n/a through <= 2.16.0.
9.8
CVE-2026-28043 - WordPress Healer - Doctor, Clinic & Medical WordPress Theme theme <= 1.0.0 - Local File Inclusion vโฆ
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Healer - Doctor, Clinic & Medical WordPress Theme healer allows PHP Local File Inclusion.This issue affects Healer - Doctor, Clinic & Medical WordPress Theme: from n/a tโฆ