Total CVEs

142,027

Critical Severity

3,943

High Severity

14,108

Last 7 Days

1,743
Quick preset (or use dates below)
Clear Filters
Showing 10,481 - 10,500 of 14,108 CVEs
CVE-2026-27340 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Apollo | Night Club, DJ Event WordPress Theme apollo allows PHP Local File Inclusion.This issue affects Apollo | Night Club, DJ Event WordPress Theme: from ...

Vendor: AncoraThemes
Product: Apollo | Night Club, DJ Event WordPress Theme
Published: Mar 05, 2026
Source: NVD
CVE-2026-27339 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Buzz Stone | Magazine & Viral Blog WordPress Theme buzzstone allows PHP Local File Inclusion.This issue affects Buzz Stone | Magazine & Viral Blog W...

Vendor: AncoraThemes
Product: Buzz Stone | Magazine & Viral Blog WordPress Theme
Published: Mar 05, 2026
Source: NVD
CVE-2026-27338 HIGH - 8.8

Deserialization of Untrusted Data vulnerability in AivahThemes Car Zone carzone allows Object Injection.This issue affects Car Zone: from n/a through <= 3.7.

Vendor: AivahThemes
Product: Car Zone
Published: Mar 05, 2026
Source: NVD
CVE-2026-27337 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Chronicle - Lifestyle Magazine & Blog WordPress Theme chronicle allows PHP Local File Inclusion.This issue affects Chronicle - Lifestyle Magazine & ...

Vendor: AncoraThemes
Product: Chronicle - Lifestyle Magazine & Blog WordPress Theme
Published: Mar 05, 2026
Source: NVD
CVE-2026-27336 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Consultor | Consulting, Accounting & Legal Counsel WordPress Theme consultor allows PHP Local File Inclusion.This issue affects Consultor | Consulting, ...

Vendor: AncoraThemes
Product: Consultor | Consulting, Accounting & Legal Counsel WordPress Theme
Published: Mar 05, 2026
Source: NVD
CVE-2026-27335 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Ekoterra - NonProfit, Green Energy & Ecology Theme ekoterra allows PHP Local File Inclusion.This issue affects Ekoterra - NonProfit, Green Energy & ...

Vendor: AncoraThemes
Product: Ekoterra - NonProfit, Green Energy & Ecology Theme
Published: Mar 05, 2026
Source: NVD
CVE-2026-27334 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in dan_fisher Alchemists alchemists allows PHP Local File Inclusion.This issue affects Alchemists: from n/a through <= 4.6.0.

Vendor: dan_fisher
Product: Alchemists
Published: Mar 05, 2026
Source: NVD
CVE-2026-27332 HIGH - 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Agrofood agrofood allows Reflected XSS.This issue affects Agrofood: from n/a through <= 1.3.0.

Vendor: skygroup
Product: Agrofood
Published: Mar 05, 2026
Source: NVD
CVE-2026-27326 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme window-ac-services allows PHP Local File Inclusion.This issue affects AC Services ...

Vendor: axiomthemes
Product: AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme
Published: Mar 05, 2026
Source: NVD
CVE-2026-27098 HIGH - 8.1

Deserialization of Untrusted Data vulnerability in axiomthemes Au Pair Agency - Babysitting & Nanny Theme au-pair-agency allows Object Injection.This issue affects Au Pair Agency - Babysitting & Nanny Theme: from n/a through <= 1.2.2.

Vendor: axiomthemes
Product: Au Pair Agency - Babysitting & Nanny Theme
Published: Mar 05, 2026
Source: NVD
CVE-2026-27097 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes CasaMia | Property Rental Real Estate WordPress Theme casamia allows PHP Local File Inclusion.This issue affects CasaMia | Property Rental Real Estate WordP...

Vendor: AncoraThemes
Product: CasaMia | Property Rental Real Estate WordPress Theme
Published: Mar 05, 2026
Source: NVD
CVE-2026-24963 HIGH - 7.2

Incorrect Privilege Assignment vulnerability in ameliabooking Amelia ameliabooking allows Privilege Escalation.This issue affects Amelia: from n/a through <= 1.2.38.

Vendor: ameliabooking
Product: Amelia
Published: Mar 05, 2026
Source: NVD
CVE-2026-24385 HIGH - 7.5

Deserialization of Untrusted Data vulnerability in gerritvanaaken Podlove Web Player podlove-web-player allows Object Injection.This issue affects Podlove Web Player: from n/a through <= 5.9.1.

Vendor: gerritvanaaken
Product: Podlove Web Player
Published: Mar 05, 2026
Source: NVD
CVE-2026-23801 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes The Issue theissue allows PHP Local File Inclusion.This issue affects The Issue: from n/a through <= 1.6.11.

Vendor: fuelthemes
Product: The Issue
Published: Mar 05, 2026
Source: NVD
CVE-2026-23798 HIGH - 8.8

Deserialization of Untrusted Data vulnerability in blubrry PowerPress Podcasting powerpress allows Object Injection.This issue affects PowerPress Podcasting: from n/a through <= 11.15.10.

Vendor: blubrry
Product: PowerPress Podcasting
Published: Mar 05, 2026
Source: NVD
CVE-2026-22479 HIGH - 7.5

Missing Authorization vulnerability in ThemeRuby Easy Post Submission easy-post-submission allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Post Submission: from n/a through <= 2.2.0.

Vendor: ThemeRuby
Product: Easy Post Submission
Published: Mar 05, 2026
Source: NVD
CVE-2026-22478 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes FindAll findall allows PHP Local File Inclusion.This issue affects FindAll: from n/a through <= 1.4.

Vendor: Elated-Themes
Product: FindAll
Published: Mar 05, 2026
Source: NVD
CVE-2026-22477 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Felizia felizia allows PHP Local File Inclusion.This issue affects Felizia: from n/a through <= 1.3.4.

Vendor: AncoraThemes
Product: Felizia
Published: Mar 05, 2026
Source: NVD
CVE-2026-22476 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Etchy etchy allows PHP Local File Inclusion.This issue affects Etchy: from n/a through <= 1.0.

Vendor: Elated-Themes
Product: Etchy
Published: Mar 05, 2026
Source: NVD
CVE-2026-22473 HIGH - 8.8

Deserialization of Untrusted Data vulnerability in designthemes Dental Clinic dental allows Object Injection.This issue affects Dental Clinic: from n/a through <= 3.7.

Vendor: designthemes
Product: Dental Clinic
Published: Mar 05, 2026
Source: NVD