Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-98

CWE-98

High likelihood

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.

1,228 vulnerabilities with CWE-98

CVE-2025-58608 HIGH

BuddyDev MediaPress <1.5.9.1 - Code Injection

CVE-2025-47696 HIGH

Solwin Blog Designer PRO <3.4.7 - RFI

CVE-2025-54716 HIGH

ovatheme Ireca <1.8.5 - Code Injection

CVE-2025-53578 HIGH

gavias Kipso <1.3.4 - Code Injection

CVE-2025-53576 HIGH

Ovatheme Events <1.2.8 - Code Injection

CVE-2025-53334 HIGH

TieLabs Jannah <7.4.1 - Code Injection

CVE-2025-53328 HIGH

Assaf Parag Poll, Survey & Quiz Maker Plugin <19.11.0 - Code Injection

CVE-2025-53326 HIGH

Gutenify <= 1.5.4 - PHP Local File Inclusion

CVE-2025-53248 HIGH

Unfoldwp Magazine <1.2.2 - Code Injection

CVE-2025-53247 HIGH

WPInterface BlogMarks <1.0.8 - Code Injection

CVE-2025-53244 HIGH

Unfoldwp Magazine Elite <1.2.4 - Code Injection

CVE-2025-53227 HIGH

Unfoldwp Magazine Saga <1.2.7 - Code Injection

CVE-2025-53216 HIGH

ThemeUniver Glamer <1.0.2 - Code Injection

CVE-2025-49405 MEDIUM

Favethemes Houzez <4.1.4 - Code Injection

CVE-2025-49383 HIGH

CocoBasic Neresa <1.3 - Code Injection

CVE-2025-54750 HIGH

FunnelKit Funnel Builder <3.11.1 - Code Injection

CVE-2025-54034 HIGH

Tribulant Software Newsletters <4.10 - Code Injection

CVE-2025-54031 HIGH

Schiocco Support Board <3.8.0 - Code Injection

CVE-2025-54028 HIGH

CF7 WOW Styler <1.7.2 - Code Injection

CVE-2025-54017 HIGH

Cozmoslabs Paid Member Subscriptions <2.15.4 - Code Injection

CVE-2025-53567 HIGH

nK Ghost Kit <3.4.1 - Code Injection

CVE-2025-53565 HIGH

RadiusTheme Widget - Code Injection

CVE-2025-53210 HIGH

bdthemes ZoloBlocks <2.3.2 - Code Injection

CVE-2025-53207 HIGH

WP Travel Gutenberg Blocks <3.9.0 - Code Injection

CVE-2025-53204 HIGH

ovatheme eventlist <1.9.2 - Code Injection

Previous Page 31 of 50 Next

Details

Vulnerabilities 1,228

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy