8.1
CVE-2026-28057 - WordPress Mandala theme <= 2.8 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Mandala mandala allows PHP Local File Inclusion.This issue affects Mandala: from n/a through <= 2.8.
8.1
CVE-2026-28056 - WordPress MCKinney's Politics theme <= 1.2.8 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX MCKinney's Politics mckinney-politics allows PHP Local File Inclusion.This issue affects MCKinney's Politics: from n/a through <= 1.2.8.
0.0
CVE-2026-28055 - WordPress M.Williamson theme <= 1.2.11 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX M.Williamson williamson allows PHP Local File Inclusion.This issue affects M.Williamson: from n/a through <= 1.2.11.
8.1
CVE-2026-28054 - WordPress Legal Stone theme <= 1.2.11 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Legal Stone legal-stone allows PHP Local File Inclusion.This issue affects Legal Stone: from n/a through <= 1.2.11.
8.1
CVE-2026-28053 - WordPress Miller theme <= 1.3.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Miller christine-miller allows PHP Local File Inclusion.This issue affects Miller: from n/a through <= 1.3.3.
8.1
CVE-2026-28052 - WordPress Peter Mason theme <= 1.4.5 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Peter Mason petermason allows PHP Local File Inclusion.This issue affects Peter Mason: from n/a through <= 1.4.5.
8.1
CVE-2026-28051 - WordPress Yacht Rental theme <= 2.6 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Yacht Rental yacht-rental allows PHP Local File Inclusion.This issue affects Yacht Rental: from n/a through <= 2.6.
0.0
CVE-2026-28050 - WordPress Beacon theme <= 2.24 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Beacon beacon allows PHP Local File Inclusion.This issue affects Beacon: from n/a through <= 2.24.
8.1
CVE-2026-28049 - WordPress Police Department theme <= 2.17 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Police Department police-department allows PHP Local File Inclusion.This issue affects Police Department: from n/a through <= 2.17.
0.0
CVE-2026-28048 - WordPress FlashMart theme <= 2.0.15 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magentech FlashMart flashmart allows PHP Local File Inclusion.This issue affects FlashMart: from n/a through <= 2.0.15.