Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
8.1 HIGH
CVE-2026-28011 — WordPress Yottis theme <= 1.0.10 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Yottis yottis allows PHP Local File Inclusion.This issue affects Yott…

Remote | Path Traversal
Mar 05, 2026 Mar 06, 2026
Mar 05, 2026
Mar 06, 2026
8.1 HIGH
CVE-2026-28010 — WordPress Scientia theme <= 1.2.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Scientia scientia allows PHP Local File Inclusion.This issue affects …

Remote | Path Traversal
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
8.1 HIGH
CVE-2026-28009 — WordPress DroneX theme <= 1.1.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX DroneX dronex allows PHP Local File Inclusion.This issue affects Dron…

Remote | Path Traversal
Mar 05, 2026 Mar 06, 2026
Mar 05, 2026
Mar 06, 2026
8.1 HIGH
CVE-2026-28007 — WordPress Coinpress theme <= 1.0.14 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Coinpress coinpress allows PHP Local File Inclusion.This issue affect…

Remote | Path Traversal
Mar 05, 2026 Mar 05, 2026
Mar 05, 2026
Mar 05, 2026
8.1 HIGH
CVE-2026-28006 — WordPress Yungen theme <= 1.0.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Yungen yungen allows PHP Local File Inclusion.This issue affects Yung…

Remote | Path Traversal
Mar 05, 2026 Mar 06, 2026
Mar 05, 2026
Mar 06, 2026
8.1 HIGH
CVE-2026-27998 — WordPress Vixus theme <= 1.0.16 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Vixus vixus allows PHP Local File Inclusion.This issue affects Vixus:…

Remote | Path Traversal
Mar 05, 2026 Mar 06, 2026
Mar 05, 2026
Mar 06, 2026
8.1 HIGH
CVE-2026-27997 — WordPress Maxify theme <= 1.0.16 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Maxify maxify allows PHP Local File Inclusion.This issue affects Maxi…

Remote | Path Traversal
Mar 05, 2026 Mar 06, 2026
Mar 05, 2026
Mar 06, 2026
8.1 HIGH
CVE-2026-27996 — WordPress Lingvico theme <= 1.0.14 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Lingvico lingvico allows PHP Local File Inclusion.This issue affects …

Remote | Injection
Mar 05, 2026 Mar 06, 2026
Mar 05, 2026
Mar 06, 2026
8.1 HIGH
CVE-2026-27995 — WordPress Justitia theme <= 1.1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Justitia justitia allows PHP Local File Inclusion.This issue affects …

Remote | Injection
Mar 05, 2026 Mar 06, 2026
Mar 05, 2026
Mar 06, 2026
8.1 HIGH
CVE-2026-27994 — WordPress Tediss theme <= 1.2.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Tediss tediss allows PHP Local File Inclusion.This issue affects Tedi…

Remote | Path Traversal
Mar 05, 2026 Mar 06, 2026
Mar 05, 2026
Mar 06, 2026
8.1 HIGH
CVE-2026-27993 — WordPress Aldo theme <= 1.0.10 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Aldo aldo allows PHP Local File Inclusion.This issue affects Aldo: fr…

Remote | Path Traversal
Mar 05, 2026 Mar 06, 2026
Mar 05, 2026
Mar 06, 2026
8.1 HIGH
CVE-2026-27992 — WordPress Meals & Wheels theme <= 1.1.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Meals & Wheels meals-wheels allows PHP Local File Inclusion.This issu…

Remote | Path Traversal
Mar 05, 2026 Mar 06, 2026
Mar 05, 2026
Mar 06, 2026
8.1 HIGH
CVE-2026-27991 — WordPress Avventure theme <= 1.1.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Avventure avventure allows PHP Local File Inclusion.This issue affect…

Remote | Injection
Mar 05, 2026 Mar 06, 2026
Mar 05, 2026
Mar 06, 2026
8.1 HIGH
CVE-2026-27990 — WordPress ConFix theme <= 1.013 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX ConFix confix allows PHP Local File Inclusion.This issue affects ConF…

Remote | Path Traversal
Mar 05, 2026 Mar 06, 2026
Mar 05, 2026
Mar 06, 2026
8.1 HIGH
CVE-2026-27989 — WordPress Quanzo theme <= 1.0.10 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Quanzo quanzo allows PHP Local File Inclusion.This issue affects Quan…

Remote | Path Traversal
Mar 05, 2026 Mar 06, 2026
Mar 05, 2026
Mar 06, 2026
8.1 HIGH
CVE-2026-27988 — WordPress Equadio theme <= 1.1.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Equadio equadio allows PHP Local File Inclusion.This issue affects Eq…

Remote | Path Traversal
Mar 05, 2026 Mar 06, 2026
Mar 05, 2026
Mar 06, 2026
8.1 HIGH
CVE-2026-27987 — WordPress The Qlean theme <= 2.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX The Qlean the-qlean allows PHP Local File Inclusion.This issue affect…

Remote | Path Traversal
Mar 05, 2026 Mar 06, 2026
Mar 05, 2026
Mar 06, 2026
8.1 HIGH
CVE-2026-27986 — WordPress OsTende theme <= 1.4.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX OsTende ostende allows PHP Local File Inclusion.This issue affects Os…

Remote | Path Traversal
Mar 05, 2026 Mar 06, 2026
Mar 05, 2026
Mar 06, 2026
8.1 HIGH
CVE-2026-27985 — WordPress Humanum theme <= 1.1.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Humanum humanum allows PHP Local File Inclusion.This issue affects Hu…

Remote | Path Traversal
Mar 05, 2026 Mar 06, 2026
Mar 05, 2026
Mar 06, 2026
9.0 CRITICAL
CVE-2026-27984 — WordPress Widget Options plugin <= 4.1.3 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code ('Code Injection') vulnerability in Marketing Fire Widget Options widget-options allows Code Injection.This issue affects Widget Options: from n/a through <= 4.…

Remote | Injection
Mar 05, 2026 Mar 06, 2026
Mar 05, 2026
Mar 06, 2026
Showing 20 of 5071 Results