Total CVEs

141,292

Critical Severity

3,799

High Severity

13,738

Last 7 Days

1,667
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 12,381 - 12,400 of 13,433 CVEs
CVE-2025-69075 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Yolox yolox allows PHP Local File Inclusion.This issue affects Yolox: from n/a through <= 1.0.15.

Vendor: AncoraThemes
Product: Yolox
Published: Jan 22, 2026
Source: NVD
CVE-2025-69074 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Pearson Specter pearsonspecter allows PHP Local File Inclusion.This issue affects Pearson Specter: from n/a through <= 1.11.3.

Vendor: AncoraThemes
Product: Pearson Specter
Published: Jan 22, 2026
Source: NVD
CVE-2025-69073 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Piqes piqes allows PHP Local File Inclusion.This issue affects Piqes: from n/a through <= 1.0.11.

Vendor: AncoraThemes
Product: Piqes
Published: Jan 22, 2026
Source: NVD
CVE-2025-69072 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Prider prider allows PHP Local File Inclusion.This issue affects Prider: from n/a through <= 1.1.3.1.

Vendor: AncoraThemes
Product: Prider
Published: Jan 22, 2026
Source: NVD
CVE-2025-69071 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes TanTum tantum allows PHP Local File Inclusion.This issue affects TanTum: from n/a through <= 1.1.13.

Vendor: AncoraThemes
Product: TanTum
Published: Jan 22, 2026
Source: NVD
CVE-2025-69070 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Tornados tornados allows PHP Local File Inclusion.This issue affects Tornados: from n/a through <= 2.1.

Vendor: AncoraThemes
Product: Tornados
Published: Jan 22, 2026
Source: NVD
CVE-2025-69068 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Muji muji allows PHP Local File Inclusion.This issue affects Muji: from n/a through <= 1.2.0.

Vendor: AncoraThemes
Product: Muji
Published: Jan 22, 2026
Source: NVD
CVE-2025-69067 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Tails tails allows PHP Local File Inclusion.This issue affects Tails: from n/a through <= 1.4.12.

Vendor: AncoraThemes
Product: Tails
Published: Jan 22, 2026
Source: NVD
CVE-2025-69066 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Indoor Plants indoor-plants allows PHP Local File Inclusion.This issue affects Indoor Plants: from n/a through <= 1.2.7.

Vendor: AncoraThemes
Product: Indoor Plants
Published: Jan 22, 2026
Source: NVD
CVE-2025-69065 HIGH - 8.2

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Snow Mountain snowmountain allows PHP Local File Inclusion.This issue affects Snow Mountain: from n/a through <= 1.4.3.

Vendor: AncoraThemes
Product: Snow Mountain
Published: Jan 22, 2026
Source: NVD
CVE-2025-69064 HIGH - 8.2

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Pets Land petsland allows PHP Local File Inclusion.This issue affects Pets Land: from n/a through <= 1.2.8.

Vendor: AncoraThemes
Product: Pets Land
Published: Jan 22, 2026
Source: NVD
CVE-2025-69062 HIGH - 8.2

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Weedles weedles allows PHP Local File Inclusion.This issue affects Weedles: from n/a through <= 1.1.12.

Vendor: AncoraThemes
Product: Weedles
Published: Jan 22, 2026
Source: NVD
CVE-2025-69061 HIGH - 8.2

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes MoveMe moveme allows PHP Local File Inclusion.This issue affects MoveMe: from n/a through <= 1.2.15.

Vendor: AncoraThemes
Product: MoveMe
Published: Jan 22, 2026
Source: NVD
CVE-2025-69060 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes uReach ureach allows PHP Local File Inclusion.This issue affects uReach: from n/a through <= 1.3.3.

Vendor: AncoraThemes
Product: uReach
Published: Jan 22, 2026
Source: NVD
CVE-2025-69059 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes DiveIt diveit allows PHP Local File Inclusion.This issue affects DiveIt: from n/a through <= 1.4.3.

Vendor: AncoraThemes
Product: DiveIt
Published: Jan 22, 2026
Source: NVD
CVE-2025-69058 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes PartyMaker partymaker allows PHP Local File Inclusion.This issue affects PartyMaker: from n/a through <= 1.1.15.

Vendor: AncoraThemes
Product: PartyMaker
Published: Jan 22, 2026
Source: NVD
CVE-2025-69057 HIGH - 8.1

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Edge-Themes Eldon eldon allows PHP Local File Inclusion.This issue affects Eldon: from n/a through <= 1.0.

Vendor: Edge-Themes
Product: Eldon
Published: Jan 22, 2026
Source: NVD
CVE-2025-69056 HIGH - 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Hotel Listing hotel-listing allows Reflected XSS.This issue affects Hotel Listing: from n/a through <= 1.4.0.

Vendor: e-plugins
Product: Hotel Listing
Published: Jan 22, 2026
Source: NVD
CVE-2025-69054 HIGH - 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in highwarden Super Logos Showcase superlogoshowcase-wp allows Reflected XSS.This issue affects Super Logos Showcase: from n/a through <= 2.8.

Vendor: highwarden
Product: Super Logos Showcase
Published: Jan 22, 2026
Source: NVD
CVE-2025-69053 HIGH - 7.3

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Universal Video Player universal-video-player allows Reflected XSS.This issue affects Universal Video Player: from n/a through <= 3.8.4.

Vendor: LambertGroup
Product: Universal Video Player
Published: Jan 22, 2026
Source: NVD