Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-98 (PHP程序中Include/Require语句包含文件控制不恰当(PHP远程文件包含)) — Vulnerability Class 1082

1082 vulnerabilities classified as CWE-98 (PHP程序中Include/Require语句包含文件控制不恰当(PHP远程文件包含)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-25109 WordPress Vehicle Manager plugin <= 3.1 - Local File Inclusion vulnerability — WP Vehicle Manager 8.1 High2025-03-03
CVE-2025-23945 WordPress Popliup Plugin <= 1.1.1 - Local File Inclusion vulnerability — Popliup 7.5 High2025-03-03
CVE-2024-9193 WHMpress <= 6.3-revision-0 - Unauthenticated Local File Inclusion to Arbitrary Options Update — WHMpress - WHMCS WordPress Integration Plugin 9.8 Critical2025-02-28
CVE-2024-12811 Traveler <= 3.1.9 - Authenticated (Contributor+) Local File Inclusion via Shortcode — Travel Booking WordPress Theme 8.8 High2025-02-27
CVE-2025-26979 WordPress Funnel Builder by FunnelKit plugin <= 3.9.0 - Local File Inclusion vulnerability — Funnel Builder by FunnelKit 7.5 High2025-02-25
CVE-2025-26964 WordPress Eventin plugin <= 4.0.20 - Local File Inclusion vulnerability — Eventin 7.5 High2025-02-25
CVE-2025-26957 WordPress Affiliate Coupons plugin <= 1.7.3 - Local File Inclusion vulnerability — Affiliate Coupons 7.5 High2025-02-25
CVE-2025-26932 WordPress WPBot plugin <= 6.3.5 - Local File Inclusion vulnerability — ChatBot 7.5 High2025-02-25
CVE-2025-26985 WordPress Majestic Support plugin <= 1.0.6 - Local File Inclusion vulnerability — Majestic Support 8.1 High2025-02-25
CVE-2025-27272 WordPress VG PostCarousel plugin <= 1.1 - Local File Inclusion vulnerability — VG PostCarousel 7.5 High2025-02-24
CVE-2025-26760 WordPress Calculator Builder plugin <= 1.6.2 - Local File Inclusion vulnerability — Calculator Builder 9.1 -2025-02-22
CVE-2025-26757 WordPress FULL – Cliente plugin <= 3.1.26 - Local File Inclusion vulnerability — FULL Customer 8.1 -2025-02-22
CVE-2024-13353 Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates <= 1.6.4 - Authenticated (Contributor+) Local File Inclusion — Responsive Addons for Elementor – Free Elementor Addons, Kits and Elementor Templates 8.8 High2025-02-21
CVE-2024-13592 Team Builder For WPBakery Page Builder(Formerly Visual Composer) <= 1.0 - Authenticated (Contributor+) Local File Inclusion — Team Builder For WPBakery Page Builder(Formerly Visual Composer) 7.5 High2025-02-19
CVE-2025-22656 WordPress Cookie Monster Plugin <= 1.2.2 - Local File Inclusion vulnerability — Cookie Monster 8.1 High2025-02-18
CVE-2025-25141 WordPress Fami Sales Popup plugin <= 2.0.0 - Local File Inclusion vulnerability — Fami Sales Popup 7.5 High2025-02-07
CVE-2024-12859 BoomBox Theme Extensions <= 1.8.0 - Authenticated (Contributor+) Local File Inclusion via Shortcode — BoomBox Theme Extensions 8.8 High2025-02-03
CVE-2025-0366 Jupiter X Core <= 4.8.7 - Authenticated (Contributor+) SVG Upload to Local File Inclusion (Remote Code Execution) — Jupiter X Core 8.8 High2025-02-01
CVE-2025-24782 WordPress Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget plugin <= 1.6.10 - Local File Inclusion vulnerability — Post Grid, Slider & Carousel Ultimate 6.5 Medium2025-01-27
CVE-2025-0682 ThemeREX Addons <= 2.33.0 - Authenticated (Contributor+) Local File Inclusion via Shortcode — ThemeREX Addons 8.8 High2025-01-25
CVE-2025-24733 WordPress Post Grid Master plugin <= 3.4.12 - Local File Inclusion vulnerability — Post Grid Master 6.5 Medium2025-01-24
CVE-2024-45077 IBM Maximo Asset Management file upload — Maximo Asset Management 6.5 Medium2025-01-24
CVE-2024-13408 Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget <= 1.6.10 - Authenticated (Contributor+) Local File Inclusion — Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget 7.5 High2025-01-24
CVE-2024-13593 BMLT Meeting Map <= 2.6.0 - Authenticated (Contributor+) Local File Inclusion — BMLT Meeting Map 7.5 High2025-01-23
CVE-2025-23949 WordPress Improved Sale Badges – Free Version Plugin <= 1.0.1 - Local File Inclusion vulnerability — Improved Sale Badges – Free Version 8.1 High2025-01-22
CVE-2025-23948 WordPress Background animation blocks Plugin <= 2.1.5 - Local File Inclusion vulnerability — Background animation blocks 8.1 High2025-01-22
CVE-2025-23938 WordPress Image Gallery Box by CRUDLab Plugin <= 1.0.3 - Local File Inclusion vulnerability — Image Gallery Box by CRUDLab 7.5 High2025-01-22
CVE-2025-22311 WordPress Private Messages for UserPro plugin <= 4.10.0 - Local File Inclusion vulnerability — Private Messages for UserPro 7.5 High2025-01-21
CVE-2025-23915 WordPress FAT Event Lite plugin <= 1.1 - Authenticated Non-Arbitrary Local File Inclusion vulnerability — FAT Event Lite 7.5 High2025-01-16
CVE-2025-22508 WordPress FAT Event Lite plugin <= 1.1 - Unauthenticated Non-Arbitrary Local File Inclusion vulnerability — FAT Event Lite 8.1 High2025-01-09

Vulnerabilities classified as CWE-98 (PHP程序中Include/Require语句包含文件控制不恰当(PHP远程文件包含)) represent 1082 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.