0.0
CVE-2026-28046 - WordPress Law Office theme <= 3.3.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Law Office law-office allows PHP Local File Inclusion.This issue affects Law Office: from n/a through <= 3.3.0.
8.1
CVE-2026-28045 - WordPress N7 | Golf Club Sports & Events theme <= 2.16.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX N7 | Golf Club Sports & Events n7-golf-club allows PHP Local File Inclusion.This issue affects N7 | Golf Club Sports & Events: from n/a through <= 2.16.0.
0.0
CVE-2026-28043 - WordPress Healer - Doctor, Clinic & Medical WordPress Theme theme <= 1.0.0 - Local File Inclusion vβ¦
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Healer - Doctor, Clinic & Medical WordPress Theme healer allows PHP Local File Inclusion.This issue affects Healer - Doctor, Clinic & Medical WordPress Theme: from n/a tβ¦
0.0
CVE-2026-28042 - WordPress Listify plugin <= 3.2.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Astoundify Listify listify allows Reflected XSS.This issue affects Listify: from n/a through <= 3.2.5.
0.0
CVE-2026-28041 - WordPress Grit theme <= 1.0.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Grit grit allows PHP Local File Inclusion.This issue affects Grit: from n/a through <= 1.0.1.
0.0
CVE-2026-28039 - WordPress wpDataTables plugin <= 6.5.0.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpDataTables wpDataTables wpdatatables allows PHP Local File Inclusion.This issue affects wpDataTables: from n/a through <= 6.5.0.1.
0.0
CVE-2026-28038 - WordPress Ultimate Addons for WPBakery Page Builder plugin <= 3.21.1 - Broken Access Control vulnerβ¦
Missing Authorization vulnerability in Brainstorm_Force Ultimate Addons for WPBakery Page Builder ultimate_vc_addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a through <= 3.21.1.
0.0
CVE-2026-28037 - WordPress EventON plugin <= 4.9.12 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ashanjay EventON eventon allows Reflected XSS.This issue affects EventON: from n/a through <= 4.9.12.
0.0
CVE-2026-28036 - WordPress Ratatouille theme <= 1.2.6 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery (SSRF) vulnerability in SkatDesign Ratatouille ratatouille allows Server Side Request Forgery.This issue affects Ratatouille: from n/a through <= 1.2.6.
0.0
CVE-2026-28035 - WordPress Printy theme <= 1.8 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Printy printy allows PHP Local File Inclusion.This issue affects Printy: from n/a through <= 1.8.