8.1
CVE-2023-25999 - WordPress BodyCenter - Gym, Fitness WooCommerce WordPress Theme <= 2.4 - Local File Inclusion Vulneβ¦
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme BodyCenter - Gym, Fitness WooCommerce WordPress Theme allows PHP Local File Inclusion. This issue affects BodyCenter - Gym, Fitness WooCommerce WordPress Theme: from n/aβ¦
8.1
CVE-2023-26005 - WordPress Fitrush theme <= 1.3.4 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme Fitrush bw-fitrush allows PHP Local File Inclusion.This issue affects Fitrush: from n/a through <= 1.3.4.
8.1
CVE-2025-23974 - WordPress One-Login plugin <= 1.4 - Privilege Escalation Vulnerability
Incorrect Privilege Assignment vulnerability in ifkooo One-Login one-login allows Privilege Escalation.This issue affects One-Login: from n/a through <= 1.4.
9.3
CVE-2025-24767 - WordPress TicketBAI Facturas para WooCommerce plugin <= 3.19 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in facturaone TicketBAI Facturas para WooCommerce wp-ticketbai allows Blind SQL Injection.This issue affects TicketBAI Facturas para WooCommerce: from n/a through <= 3.19.
8.1
CVE-2025-24768 - WordPress Nitan theme <= 2.9 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Nitan snsnitan allows PHP Local File Inclusion.This issue affects Nitan: from n/a through <= 2.9.
8.1
CVE-2025-24770 - WordPress CraftXtore theme <= 1.7 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme CraftXtore bw-craftxtore allows PHP Local File Inclusion.This issue affects CraftXtore: from n/a through <= 1.7.
8.1
CVE-2025-26592 - WordPress Lab Theme <= 1.0.0 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Lab lab allows PHP Local File Inclusion.This issue affects Lab: from n/a through <= 1.0.0.
8.1
CVE-2025-27362 - WordPress Petito theme < 1.6.6 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme Petito bw-petito allows PHP Local File Inclusion.This issue affects Petito: from n/a through < 1.6.6.
8.1
CVE-2025-28888 - WordPress GiftXtore theme < 1.7.7 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme GiftXtore bw-giftxtore allows PHP Local File Inclusion.This issue affects GiftXtore: from n/a through < 1.7.7.
8.1
CVE-2025-28944 - WordPress Avaz theme <= 2.8 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Avaz snsavaz allows PHP Local File Inclusion.This issue affects Avaz: from n/a through <= 2.8.