2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-60046 — Axiomthemes Heartstar: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-60046

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes HeartStar heartstar allows PHP Local File Inclusion.This issue affects HeartStar: from n/a through <= 1.0.14. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-60044 — Control: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-60044

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Fribbo fribbo allows PHP Local File Inclusion.This issue affects Fribbo: from n/a through <= 1.1.0. CVSSv3.1 8.1 (HIGH)

CWECWE 98TYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-60043 — Control: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-60043

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Wanderic wanderic allows PHP Local File Inclusion.This issue affects Wanderic: from n/a through <= 1.0.10. CVSSv3.1 8.1 (HIGH)

CWECWE 98TYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-60042 — Control: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-60042

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Chinchilla chinchilla allows PHP Local File Inclusion.This issue affects Chinchilla: from n/a through <= 1.16. CVSSv3.1 8.1 (HIGH)

CWECWE 98TYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
CRIT

CVE-2025-58951 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58951

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in smartcms Advance Seat Reservation Management for WooCommerce scw-seat-reservation allows SQL Injection.This issue affects Advance Seat Reservation Management for WooCommerce: from n/a through <= 3.1. CVSSv3.1 9.3 (CRITICAL)

CWECWE 89TYPVulnerability
9.3
CVSS v3.1
97
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58950 — Axiomthemes Lione: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58950

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Lione lione allows PHP Local File Inclusion.This issue affects Lione: from n/a through <= 1.16. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58949 — Axiomthemes Spock: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58949

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Spock spock allows PHP Local File Inclusion.This issue affects Spock: from n/a through <= 1.17. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
728 × 90 / responsive · programmatic ad slot
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58948 — Axiomthemes Aromatica: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58948

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Aromatica aromatica allows PHP Local File Inclusion.This issue affects Aromatica: from n/a through <= 1.8. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58947 — Axiomthemes Athos: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58947

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Athos athos allows PHP Local File Inclusion.This issue affects Athos: from n/a through <= 1.9. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58946 — Axiomthemes Vocal: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58946

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Vocal vocal allows PHP Local File Inclusion.This issue affects Vocal: from n/a through <= 1.12. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58945 — Axiomthemes Ecogrow: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58945

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes EcoGrow ecogrow allows PHP Local File Inclusion.This issue affects EcoGrow: from n/a through <= 1.7. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58944 — Axiomthemes Manufactory: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58944

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Manufactory manufactory allows PHP Local File Inclusion.This issue affects Manufactory: from n/a through <= 1.4. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58943 — Axiomthemes Agricola: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58943

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Agricola agricola allows PHP Local File Inclusion.This issue affects Agricola: from n/a through <= 1.1.0. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58942 — Axiomthemes Dwell: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58942

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Dwell dwell allows PHP Local File Inclusion.This issue affects Dwell: from n/a through <= 1.7.0. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58941 — Axiomthemes Fabric: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58941

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Fabric fabric allows PHP Local File Inclusion.This issue affects Fabric: from n/a through <= 1.5.0. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58940 — Axiomthemes Basil: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58940

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Basil basil allows PHP Local File Inclusion.This issue affects Basil: from n/a through <= 1.3.12. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58937 — Axiomthemes Tacticool: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58937

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Tacticool tacticool allows PHP Local File Inclusion.This issue affects Tacticool: from n/a through <= 1.0.13. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58936 — Axiomthemes Catamaran: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58936

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Catamaran catamaran allows PHP Local File Inclusion.This issue affects Catamaran: from n/a through <= 1.15. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58935 — Axiomthemes Lunna: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58935

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Lunna lunna allows PHP Local File Inclusion.This issue affects Lunna: from n/a through <= 1.15. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58934 — Axiomthemes The_gig: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58934

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes The Gig thegig allows PHP Local File Inclusion.This issue affects The Gig: from n/a through <= 1.18.0. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58933 — Axiomthemes Anubis: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58933

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Anubis anubis allows PHP Local File Inclusion.This issue affects Anubis: from n/a through <= 1.25. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58932 — Axiomthemes Prisma: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58932

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Prisma prisma allows PHP Local File Inclusion.This issue affects Prisma: from n/a through <= 1.10. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58931 — Axiomthemes Palatio: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58931

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Palatio palatio allows PHP Local File Inclusion.This issue affects Palatio: from n/a through <= 1.6. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58930 — Axiomthemes Fitflex: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58930

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes FitFlex fitflex allows PHP Local File Inclusion.This issue affects FitFlex: from n/a through <= 1.6. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-18
2025-12-18 08:16Z
HIGH

CVE-2025-58929 — Axiomthemes Pantry: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-58929

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Pantry pantry allows PHP Local File Inclusion.This issue affects Pantry: from n/a through <= 1.4. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDAxiomthemesTYPVulnerability
8.1
CVSS v3.1
91
Edit Score