Total CVEs

142,027

Critical Severity

3,943

High Severity

14,108

Last 7 Days

1,747
Quick preset (or use dates below)
Clear Filters
Showing 10,441 - 10,460 of 14,108 CVEs
CVE-2026-27996 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Lingvico lingvico allows PHP Local File Inclusion.This issue affects Lingvico: from n/a through <= 1.0.14.

Vendor: ThemeREX
Product: Lingvico
Published: Mar 05, 2026
Source: NVD
CVE-2026-27995 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Justitia justitia allows PHP Local File Inclusion.This issue affects Justitia: from n/a through <= 1.1.0.

Vendor: ThemeREX
Product: Justitia
Published: Mar 05, 2026
Source: NVD
CVE-2026-27994 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Tediss tediss allows PHP Local File Inclusion.This issue affects Tediss: from n/a through <= 1.2.4.

Vendor: ThemeREX
Product: Tediss
Published: Mar 05, 2026
Source: NVD
CVE-2026-27993 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Aldo aldo allows PHP Local File Inclusion.This issue affects Aldo: from n/a through <= 1.0.10.

Vendor: ThemeREX
Product: Aldo
Published: Mar 05, 2026
Source: NVD
CVE-2026-27992 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Meals & Wheels meals-wheels allows PHP Local File Inclusion.This issue affects Meals & Wheels: from n/a through <= 1.1.12.

Vendor: ThemeREX
Product: Meals & Wheels
Published: Mar 05, 2026
Source: NVD
CVE-2026-27991 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Avventure avventure allows PHP Local File Inclusion.This issue affects Avventure: from n/a through <= 1.1.12.

Vendor: ThemeREX
Product: Avventure
Published: Mar 05, 2026
Source: NVD
CVE-2026-27990 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX ConFix confix allows PHP Local File Inclusion.This issue affects ConFix: from n/a through <= 1.013.

Vendor: ThemeREX
Product: ConFix
Published: Mar 05, 2026
Source: NVD
CVE-2026-27989 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Quanzo quanzo allows PHP Local File Inclusion.This issue affects Quanzo: from n/a through <= 1.0.10.

Vendor: ThemeREX
Product: Quanzo
Published: Mar 05, 2026
Source: NVD
CVE-2026-27988 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Equadio equadio allows PHP Local File Inclusion.This issue affects Equadio: from n/a through <= 1.1.3.

Vendor: ThemeREX
Product: Equadio
Published: Mar 05, 2026
Source: NVD
CVE-2026-27987 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX The Qlean the-qlean allows PHP Local File Inclusion.This issue affects The Qlean: from n/a through <= 2.12.

Vendor: ThemeREX
Product: The Qlean
Published: Mar 05, 2026
Source: NVD
CVE-2026-27986 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX OsTende ostende allows PHP Local File Inclusion.This issue affects OsTende: from n/a through <= 1.4.3.

Vendor: ThemeREX
Product: OsTende
Published: Mar 05, 2026
Source: NVD
CVE-2026-27985 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Humanum humanum allows PHP Local File Inclusion.This issue affects Humanum: from n/a through <= 1.1.4.

Vendor: ThemeREX
Product: Humanum
Published: Mar 05, 2026
Source: NVD
CVE-2026-27541 HIGH - 7.1

Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through <= 2.2.6.

Vendor: Josh Kohlbach
Product: Wholesale Suite
Published: Mar 05, 2026
Source: NVD
CVE-2026-27428 HIGH - 8.5

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eagle-Themes Eagle Booking eagle-booking allows SQL Injection.This issue affects Eagle Booking: from n/a through <= 1.3.4.3.

Vendor: Eagle-Themes
Product: Eagle Booking
Published: Mar 05, 2026
Source: NVD
CVE-2026-27406 HIGH - 7.5

Insertion of Sensitive Information Into Sent Data vulnerability in Joe Dolson My Tickets my-tickets allows Retrieve Embedded Sensitive Data.This issue affects My Tickets: from n/a through <= 2.1.0.

Vendor: Joe Dolson
Product: My Tickets
Published: Mar 05, 2026
Source: NVD
CVE-2026-27396 HIGH - 7.3

Missing Authorization vulnerability in e-plugins Directory Pro directory-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directory Pro: from n/a through <= 2.5.6.

Vendor: e-plugins
Product: Directory Pro
Published: Mar 05, 2026
Source: NVD
CVE-2026-27390 HIGH - 8.8

Authentication Bypass Using an Alternate Path or Channel vulnerability in designthemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Authentication Abuse.This issue affects WeDesignTech Ultimate Booking Addon: from n/a through <= 1.0.1.

Vendor: designthemes
Product: WeDesignTech Ultimate Booking Addon
Published: Mar 05, 2026
Source: NVD
CVE-2026-27388 HIGH - 7.5

Missing Authorization vulnerability in designthemes DesignThemes Booking Manager designthemes-booking-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes Booking Manager: from n/a through <= 2.0.

Vendor: designthemes
Product: DesignThemes Booking Manager
Published: Mar 05, 2026
Source: NVD
CVE-2026-27386 HIGH - 7.5

Missing Authorization vulnerability in designthemes DesignThemes Directory Addon designthemes-directory-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes Directory Addon: from n/a through <= 1.8.

Vendor: designthemes
Product: DesignThemes Directory Addon
Published: Mar 05, 2026
Source: NVD
CVE-2026-27385 HIGH - 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designthemes DesignThemes Portfolio designthemes-portfolio allows Reflected XSS.This issue affects DesignThemes Portfolio: from n/a through <= 1.3.

Vendor: designthemes
Product: DesignThemes Portfolio
Published: Mar 05, 2026
Source: NVD