Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

8.1

HIGH

CVE-2025-60044

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Fribbo fribbo allows PHP Local File Inclusion.This issue affects Fribbo: from n/a through <= 1.1.0....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-58900

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes UniTravel unitravel allows PHP Local File Inclusion.This issue affects UniTravel: from n/a through <= 1.4.2....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Injection
8.1

HIGH

CVE-2025-60056

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Winger winger allows PHP Local File Inclusion.This issue affects Winger: from n/a through <= 1.0.16....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-58901

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Takeout takeout allows PHP Local File Inclusion.This issue affects Takeout: from n/a through <= 1.3.0....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Injection
8.1

HIGH

CVE-2023-53741

Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established...

Affected Products : sft_dab_600\/c_firmware sft_dab_600\/c sft_dab_015\/c_firmware sft_dab_015\/c sft_dab_050\/c_firmware sft_dab_050\/c sft_dab_150\/c_firmware sft_dab_150\/c sft_dab_300\/c_firmware sft_dab_300\/c
Published: Dec. 10, 2025

Modified: Dec. 18, 2025

Vuln Type: Authentication
8.1

HIGH

CVE-2025-58225

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Paragon paragon allows PHP Local File Inclusion.This issue affects Paragon: from n/a through <= 1.1....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-60069

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove MinimogWP minimog allows PHP Local File Inclusion.This issue affects MinimogWP: from n/a through <= 3.9.6....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-53445

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Catwalk catwalk allows PHP Local File Inclusion.This issue affects Catwalk: from n/a through <= 1.4....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-58926

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Cerebrum cerebrum allows PHP Local File Inclusion.This issue affects Cerebrum: from n/a through <= 1.12....

Affected Products : cerebrum
Published: Dec. 18, 2025

Modified: Dec. 23, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-52745

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Farm Agrico farmagrico allows PHP Local File Inclusion.This issue affects Farm Agrico: from n/a through <= 1.3.11....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-49943

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Femme femme allows PHP Local File Inclusion.This issue affects Femme: from n/a through <= 1.3.11....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-49365

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Jack Well jack-well allows PHP Local File Inclusion.This issue affects Jack Well: from n/a through <= 1.0.14....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-6326

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Inset inset allows PHP Local File Inclusion.This issue affects Inset: from n/a through <= 1.18.0....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-49371

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Strux strux allows PHP Local File Inclusion.This issue affects Strux: from n/a through <= 1.9....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-49364

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Ludos Paradise ludos-paradise allows PHP Local File Inclusion.This issue affects Ludos Paradise: from n/a through <= 2.1....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-49363

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Kings & Queens kings-queens allows PHP Local File Inclusion.This issue affects Kings & Queens: from n/a through <= 1.1.16...

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-49360

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Militarology militarology allows PHP Local File Inclusion.This issue affects Militarology: from n/a through <= 1.0.15....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Injection
8.1

HIGH

CVE-2025-49362

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Gracioza gracioza allows PHP Local File Inclusion.This issue affects Gracioza: from n/a through <= 1.0.15....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Path Traversal
8.1

HIGH

CVE-2025-66528

Missing Authorization vulnerability in VillaTheme Thank You Page Customizer for WooCommerce woo-thank-you-page-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Thank You Page Customizer for WooCommerce:...

Affected Products :
Published: Dec. 09, 2025

Modified: Dec. 11, 2025

Vuln Type: Authorization
8.1

HIGH

CVE-2025-60067

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Giardino giardino allows PHP Local File Inclusion.This issue affects Giardino: from n/a through <= 1.1.10....

Affected Products : giardino
Published: Dec. 18, 2025

Modified: Dec. 23, 2025

Vuln Type: Path Traversal

Showing 20 of 5221 Results

Browse by Apps

Latest CVE Feed

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

8.1

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable