Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-98 (PHP程序中Include/Require语句包含文件控制不恰当(PHP远程文件包含)) — Vulnerability Class 1082

1082 vulnerabilities classified as CWE-98 (PHP程序中Include/Require语句包含文件控制不恰当(PHP远程文件包含)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-31387 WordPress InstaWP Connect plugin <= 0.1.0.82 - Local File Inclusion vulnerability — InstaWP Connect 7.5 High2025-03-31
CVE-2025-31016 WordPress JetWooBuilder plugin <= 2.1.18 - Local File Inclusion vulnerability — JetWooBuilder 7.5 High2025-03-31
CVE-2025-30835 WordPress Accounting for WooCommerce plugin <= 1.6.8 - Local File Inclusion vulnerability — Accounting for WooCommerce 7.5 High2025-03-31
CVE-2025-31432 WordPress Pop-Up Chop Chop plugin <= 2.1.7 - Local File Inclusion Vulnerability — Pop-Up Chop Chop 7.5 High2025-03-28
CVE-2025-26890 WordPress HUSKY plugin <= 1.3.6.4 - Local File Inclusion vulnerability — HUSKY 7.5 High2025-03-27
CVE-2025-26909 WordPress Hide My WP Ghost plugin <= 5.4.01 - Local File Inclusion to RCE vulnerability — Hide My WP Ghost 9.6 Critical2025-03-27
CVE-2025-30891 WordPress WpTravelly Plugin <= 1.8.7 - Local File Inclusion vulnerability — WpTravelly 8.8 High2025-03-27
CVE-2025-30890 WordPress Login Widget for Ultimate Member plugin <= 1.1.2 - Local File Inclusion vulnerability — Login Widget for Ultimate Member 7.5 High2025-03-27
CVE-2025-30871 WordPress WP Travel Engine plugin <= 6.3.5 - Local File Inclusion vulnerability — WP Travel Engine 7.5 High2025-03-27
CVE-2025-30868 WordPress Team Manager plugin <= 2.1.23 - Local File Inclusion Vulnerability — Team Manager 7.5 High2025-03-27
CVE-2025-30846 WordPress Restaurant Menu by MotoPress plugin <= 2.4.4 - Local File Inclusion vulnerability — Restaurant Menu by MotoPress 8.8 High2025-03-27
CVE-2025-30845 WordPress The Pack Elementor addons plugin <= 2.1.1 - Local File Inclusion vulnerability — The Pack Elementor addons 7.5 High2025-03-27
CVE-2025-30831 WordPress Themify Event Post Plugin <= 1.3.2 - Local File Inclusion vulnerability — Themify Event Post 7.5 High2025-03-27
CVE-2025-30829 WordPress WPCafe plugin <= 2.2.31 - Local File Inclusion vulnerability — WPCafe 7.5 High2025-03-27
CVE-2025-30820 WordPress WishSuite plugin <= 1.4.4 - Local File Inclusion Vulnerability — WishSuite 7.5 High2025-03-27
CVE-2025-30814 WordPress The Post Grid plugin <= 7.7.17 - Local File Inclusion vulnerability — The Post Grid 7.5 High2025-03-27
CVE-2025-30785 WordPress Subscribe to Download Lite plugin <= 1.2.9 - Local File Inclusion Vulnerability — Subscribe to Download Lite 7.5 High2025-03-27
CVE-2025-26986 WordPress Pearl Theme < 3.4.8 - Local File Inclusion vulnerability — Pearl - Corporate Business 8.1 High2025-03-26
CVE-2025-27015 WordPress Hostiko Theme < 30.1 - Local File Inclusion vulnerability — Hostiko 7.5 High2025-03-26
CVE-2025-28916 WordPress Docpro plugin <= 2.0.1 - Local File Inclusion vulnerability — Docpro 9.8 Critical2025-03-26
CVE-2025-24690 WordPress Formality Plugin <= 1.5.7 - Local File Inclusion vulnerability — Formality 8.1 High2025-03-26
CVE-2025-23952 WordPress Custom Field List Widget Plugin <= 1.5.1 - Local File Inclusion vulnerability — custom-field-list-widget 8.1 High2025-03-26
CVE-2025-23937 WordPress LinkedIn Lite Plugin <= 1.0 - Local File Inclusion vulnerability — LinkedIn Lite 8.1 High2025-03-26
CVE-2024-13790 MinimogWP – The High Converting eCommerce WordPress Theme <= 3.7.0 - Unauthenticated Local PHP File Inclusion — MinimogWP – The High Converting eCommerce WordPress Theme 9.8 Critical2025-03-19
CVE-2024-12563 s2Member Pro <= 250214 - Authenticated (Contributor+) Local File Inclusion to Remote Code Execution via Shortcode — s2Member Pro 8.8 High2025-03-18
CVE-2025-1771 Traveler <= 3.1.8 - Unauthenticated Local File Inclusion via hotel_alone_load_more_post — Travel Booking WordPress Theme 9.8 Critical2025-03-15
CVE-2025-1707 Review Schema <= 2.2.4 - Authenticated (Contributor+) Local File Inclusion via Post Meta — Review Schema – Review & Structure Data Schema Plugin 8.8 High2025-03-11
CVE-2025-26916 WordPress Massive Dynamic theme <= 8.2 - Unauthenticated Local File Inclusion vulnerability — Massive Dynamic 9.0 Critical2025-03-10
CVE-2025-26933 WordPress Place Order Without Payment for WooCommerce plugin <= 2.6.7 - Local File Inclusion vulnerability — WC Place Order Without Payment 7.5 High2025-03-10
CVE-2025-27264 WordPress Doctor Appointment Booking Plugin <= 1.0.0 - Local File Inclusion vulnerability — Doctor Appointment Booking 7.5 High2025-03-03

Vulnerabilities classified as CWE-98 (PHP程序中Include/Require语句包含文件控制不恰当(PHP远程文件包含)) represent 1082 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.