Monitor vulnerabilities that affect your stack.
Sign up free to get alerts when software you use is affected.
CVE Vulnerabilities - 5 March 2026
RSS523 vulnerabilities published on 5 March 2026
Severity:
TopFit Fitness Theme Can Access Local Files
CVE-2026-27342
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes TopFit - Fitnes...
8.1
TopScorer WordPress Theme Allows Malicious File Access
CVE-2026-27341
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes TopScorer - Spo...
8.1
AncoraThemes Apollo Theme Allows Attackers to Access Local Files
CVE-2026-27340
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Apollo | Night C...
8.1
AncoraThemes Buzz Stone Theme Allows Hackers to Access Local Files
CVE-2026-27339
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Buzz Stone | Mag...
8.1
AncoraThemes Consultor Theme Allows Attacker to Access Local Files
CVE-2026-27336
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Consultor | Cons...
8.1
Alchemists PHP Software Allows Access to Local Files
CVE-2026-27334
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in dan_fisher Alchemists alchemi...
8.1
AC Services WordPress Theme Exposes Sensitive Files
CVE-2026-27326
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes AC Services | HVA...
8.1
CasaMia WordPress Theme Allows Access to Local Files
CVE-2026-27097
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes CasaMia | Proper...
8.1
Elated-Themes FindAll allows hackers to access your files
CVE-2026-22478
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes FindAll findall...
8.1
AncoraThemes Felizia PHP Theme Can Read Local Files
CVE-2026-22477
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Felizia felizia ...
8.1
Etchy Theme Allows Attackers to Access Local Files
CVE-2026-22476
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Etchy etchy all...
8.1
Mikado-Themes Wanderland allows attackers to access local files
CVE-2026-22457
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Wanderland wand...
8.1
Askka Theme Allows Attacker to Access Local Files
CVE-2026-22456
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Askka askka all...
8.1
Hoverex Theme: Malicious Files Can Be Served from Your Server
CVE-2026-22452
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Hoverex hoverex allo...
8.1
Don Peppe Software Allows Hackers to Access Local Files
CVE-2026-22449
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Don Peppe donpe...
8.1
Prowess Website Allows Attackers to Access Local Files
CVE-2026-22446
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Prowess prowess...
8.1
ThemeREX Alliance allows hackers to read local files
CVE-2026-22443
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Alliance alliance al...
8.1
LaunchandSell Tribe tribe exposes sensitive files via local file inclusion
CVE-2026-22442
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in LaunchandSell Tribe tribe all...
8.1
Elated-Themes Zentrum zentrum: Malicious Files Can Be Loaded
CVE-2026-22441
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Zentrum zentrum...
8.1
Green Planet Theme Allows Attackers to Access Local Files
CVE-2026-22439
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Green Planet gre...
8.1
AncoraThemes Playa playa allows attackers to access local files
CVE-2026-22437
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Playa playa allo...
8.1
Elated-Themes Helvig: Malicious Files Can Be Accessed
CVE-2026-22436
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Helvig helvig a...
8.1
ElectroServ allows accessing local files on the server
CVE-2026-22435
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes ElectroServ elec...
8.1
Crown Art crown-art allows attackers to read local files
CVE-2026-22434
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Crown Art crown-...
8.1
AncoraThemes CloudMe allows hackers to access local files
CVE-2026-22433
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes CloudMe cloudme ...
8.1