8.1

CVSS3.1

CVE-2026-28060 - WordPress S.King theme <= 1.5.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX S.King stephanie-king allows PHP Local File Inclusion.This issue affects S.King: from n/a through <= 1.5.3.

📅 Published: March 5, 2026, 5:54 a.m. 🔄 Last Modified: March 5, 2026, 9:05 p.m.

0.0

CVE-2026-28059 - WordPress Dermatology Clinic theme <= 1.4.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Dermatology Clinic dermatology-clinic allows PHP Local File Inclusion.This issue affects Dermatology Clinic: from n/a through <= 1.4.3.

📅 Published: March 5, 2026, 5:54 a.m. 🔄 Last Modified: March 5, 2026, 8:28 p.m.

8.1

CVSS3.1

CVE-2026-28058 - WordPress Dixon theme <= 1.4.2.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Dixon dixon allows PHP Local File Inclusion.This issue affects Dixon: from n/a through <= 1.4.2.1.

📅 Published: March 5, 2026, 5:54 a.m. 🔄 Last Modified: March 5, 2026, 10:16 p.m.

8.1

CVSS3.1

CVE-2026-28057 - WordPress Mandala theme <= 2.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Mandala mandala allows PHP Local File Inclusion.This issue affects Mandala: from n/a through <= 2.8.

📅 Published: March 5, 2026, 5:54 a.m. 🔄 Last Modified: March 5, 2026, 10:16 p.m.

8.1

CVSS3.1

CVE-2026-28056 - WordPress MCKinney's Politics theme <= 1.2.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX MCKinney's Politics mckinney-politics allows PHP Local File Inclusion.This issue affects MCKinney's Politics: from n/a through <= 1.2.8.

📅 Published: March 5, 2026, 5:54 a.m. 🔄 Last Modified: March 5, 2026, 9:12 p.m.

0.0

CVE-2026-28055 - WordPress M.Williamson theme <= 1.2.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX M.Williamson williamson allows PHP Local File Inclusion.This issue affects M.Williamson: from n/a through <= 1.2.11.

📅 Published: March 5, 2026, 5:54 a.m. 🔄 Last Modified: March 5, 2026, 7:38 p.m.

8.1

CVSS3.1

CVE-2026-28054 - WordPress Legal Stone theme <= 1.2.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Legal Stone legal-stone allows PHP Local File Inclusion.This issue affects Legal Stone: from n/a through <= 1.2.11.

📅 Published: March 5, 2026, 5:54 a.m. 🔄 Last Modified: March 5, 2026, 9:14 p.m.

8.1

CVSS3.1

CVE-2026-28053 - WordPress Miller theme <= 1.3.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Miller christine-miller allows PHP Local File Inclusion.This issue affects Miller: from n/a through <= 1.3.3.

📅 Published: March 5, 2026, 5:54 a.m. 🔄 Last Modified: March 5, 2026, 9:14 p.m.

8.1

CVSS3.1

CVE-2026-28052 - WordPress Peter Mason theme <= 1.4.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Peter Mason petermason allows PHP Local File Inclusion.This issue affects Peter Mason: from n/a through <= 1.4.5.

📅 Published: March 5, 2026, 5:54 a.m. 🔄 Last Modified: March 5, 2026, 9:17 p.m.

8.1

CVSS3.1

CVE-2026-28051 - WordPress Yacht Rental theme <= 2.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Yacht Rental yacht-rental allows PHP Local File Inclusion.This issue affects Yacht Rental: from n/a through <= 2.6.

📅 Published: March 5, 2026, 5:54 a.m. 🔄 Last Modified: March 5, 2026, 9:17 p.m.

CVE Authored by @onurcangnc

8.1

CVE-2026-28060 - WordPress S.King theme <= 1.5.3 - Local File Inclusion vulnerability

0.0

CVE-2026-28059 - WordPress Dermatology Clinic theme <= 1.4.3 - Local File Inclusion vulnerability

8.1

CVE-2026-28058 - WordPress Dixon theme <= 1.4.2.1 - Local File Inclusion vulnerability

8.1

CVE-2026-28057 - WordPress Mandala theme <= 2.8 - Local File Inclusion vulnerability

8.1

CVE-2026-28056 - WordPress MCKinney's Politics theme <= 1.2.8 - Local File Inclusion vulnerability

0.0

CVE-2026-28055 - WordPress M.Williamson theme <= 1.2.11 - Local File Inclusion vulnerability

8.1

CVE-2026-28054 - WordPress Legal Stone theme <= 1.2.11 - Local File Inclusion vulnerability

8.1

CVE-2026-28053 - WordPress Miller theme <= 1.3.3 - Local File Inclusion vulnerability

8.1

CVE-2026-28052 - WordPress Peter Mason theme <= 1.4.5 - Local File Inclusion vulnerability

8.1

CVE-2026-28051 - WordPress Yacht Rental theme <= 2.6 - Local File Inclusion vulnerability