Monitor vulnerabilities that affect your stack.
Sign up free to get alerts when software you use is affected.
CVE Vulnerabilities - 5 March 2026
RSS523 vulnerabilities published on 5 March 2026
Severity:
Little Birdies: Malicious Files Can Be Loaded from Local System
CVE-2026-28129
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Little Birdies li...
8.1
ThemeREX Verse allows hackers to access and read files on your server
CVE-2026-28128
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Verse verse allows P...
8.1
AncoraThemes Midi PHP File Inclusion Risk
CVE-2026-28125
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Midi midi allows...
8.1
AncoraThemes Notarius: Unapproved Files Can Be Included in PHP Code
CVE-2026-28124
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Notarius notariu...
8.1
Veil Theme Allows Attackers to Access Local Files
CVE-2026-28123
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Veil veil allows...
8.1
Anderson Plugin Allows Attackers to Access Local Files
CVE-2026-28121
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Anderson anderso...
8.1
ThemeREX Dr.Patterson Allows Access to Sensitive Local Files
CVE-2026-28120
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Dr.Patterson dr-patt...
8.1
Axiomthemes Nirvana allows hackers to access local files through malicious URLs
CVE-2026-28119
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Axiomthemes Nirvana allows PH...
8.1
Welldone Template Allows Malicious File Access
CVE-2026-28118
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Welldone welldone...
8.1
Smart SEO Plugin Allows Access to Sensitive Files
CVE-2026-28117
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes smart SEO smartSE...
8.1
ThemeREX Muzicon allows hackers to access local files
CVE-2026-28107
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Muzicon muzicon allo...
8.1
Save Life ThemeREX Save Life allows attackers to access local files
CVE-2026-28098
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Save Life save-life ...
8.1
ThemeREX Artrium Allows Malicious File Access
CVE-2026-28097
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Artrium artrium allo...
8.1
WealthCo Theme: Malicious Files Can Be Loaded from Local System
CVE-2026-28096
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX WealthCo wealthco al...
8.1
Marcell Allows Malicious Files to Be Imported on Site
CVE-2026-28095
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Marcell marcell allo...
8.1
RexCoin theme includes local files from your computer
CVE-2026-28094
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX RexCoin rexcoin allo...
8.1
Ozisti Theme: Attackers can access local files via theme settings
CVE-2026-28093
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Ozisti ozisti allows...
8.1
ThemeREX Sounder allows attackers to access local files
CVE-2026-28092
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Sounder sounder allo...
8.1
Coleo ThemeREX PHP File Inclusion Bug: Local Files Accessible
CVE-2026-28091
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Coleo coleo allows P...
8.1
Gamezone Theme Allows Unwanted File Access
CVE-2026-28090
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Gamezone gamezone al...
8.1
Daiquiri ThemeREX: Malicious Files Can Be Accessed by Attackers
CVE-2026-28089
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Daiquiri daiquiri al...
8.1
ThemeREX Aqualots allows hackers to access local files
CVE-2026-28088
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Aqualots aqualots al...
8.1
ThemeREX Filmax allows hackers to access local files
CVE-2026-28087
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Filmax filmax allows...
8.1
Run Gran ThemeREX Allows Access to Local Files
CVE-2026-28086
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Run Gran run-gran al...
8.1
ThemeREX Mahogany allows accessing local files on the server
CVE-2026-28085
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Mahogany mahogany al...
8.1