CWE-98: CWE-98
Yearly Trend
Top Affected Vendors
All CWE-98 CVEs (608)
This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 17, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 17, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 9, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 6, 2025This vulnerability allows attackers to include local files on the server through improper filename control in the WP Multilang WordPress plugin. It af...
Jun 6, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 6, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 6, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP's include/require statements. It aff...
May 19, 2025This CVE describes a PHP remote file inclusion vulnerability in the Grip WordPress theme. Attackers can include arbitrary remote files, potentially le...
May 19, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
May 19, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP's include/require statements. It aff...
May 16, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP's include/require statements. It aff...
May 16, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
May 7, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
May 7, 2025This vulnerability allows attackers to include local PHP files through improper filename control in the Display Eventbrite Events WordPress plugin. At...
May 7, 2025This CVE describes a PHP Local File Inclusion vulnerability in the GamiPress WordPress plugin. Attackers can include arbitrary local files through imp...
May 7, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
May 7, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
May 7, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP's include/require statements. It aff...
May 7, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
May 7, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Apr 24, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Apr 24, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Apr 24, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Apr 24, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Apr 24, 2025This vulnerability allows attackers to include local files on the server through improper filename control in the Arrival WordPress theme. Attackers c...
Apr 24, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Apr 24, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Apr 17, 2025This CVE describes a PHP Local File Inclusion vulnerability in the Docket Cache WordPress plugin. Attackers can include arbitrary local files on the s...
Apr 17, 2025This CVE describes a PHP Local File Inclusion vulnerability in the Széchenyi 2020 Logo WordPress plugin. Attackers can exploit improper filename cont...
Apr 17, 2025This CVE describes a PHP Local File Inclusion vulnerability in the Ray Enterprise Translation WordPress plugin. Attackers can exploit improper filenam...
Apr 17, 2025This vulnerability allows attackers to include local files on the server through improper input validation in the Eventin WordPress plugin. Attackers ...
Apr 16, 2025This vulnerability allows attackers to include arbitrary local files on the server through PHP's include/require statements in the Subscribe to Unlock...
Apr 16, 2025This vulnerability allows attackers to include local files on the server through PHP's include/require statements in the hockeydata LOS WordPress plug...
Apr 15, 2025This vulnerability allows attackers to include local files on the server through PHP's include/require statements, potentially leading to sensitive in...
Apr 11, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP's include/require statements. It aff...
Apr 10, 2025This vulnerability allows attackers to include arbitrary PHP files from remote servers in the aThemes Addons for Elementor WordPress plugin. Attackers...
Apr 10, 2025This vulnerability allows attackers to include local PHP files through improper filename control in the WP Subscription Forms WordPress plugin. Attack...
Apr 9, 2025This vulnerability allows attackers to include local files on the server through improper input validation in the Just Post Preview Widget WordPress p...
Apr 4, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP's include/require statements. It aff...
Apr 4, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Apr 4, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Apr 4, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Apr 4, 2025This CVE describes a PHP Local File Inclusion vulnerability in the DeBounce Email Validator WordPress plugin. Attackers can exploit improper filename ...
Apr 3, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP's include/require statements. It aff...
Apr 1, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Mar 31, 2025This CVE describes a PHP Local File Inclusion vulnerability in the JetWooBuilder WordPress plugin. Attackers can include arbitrary local files through...
Mar 31, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP's include/require statements. It aff...
Mar 31, 2025This CVE describes a PHP Local File Inclusion vulnerability in the Pop-Up Chop Chop WordPress plugin. Attackers can include arbitrary local files, pot...
Mar 28, 2025This CVE describes a PHP Local File Inclusion vulnerability in the HUSKY plugin for WordPress. Attackers can exploit improper filename control in incl...
Mar 27, 2025About CWE-98 (CWE-98)
Our database tracks 608 CVEs classified as CWE-98, with 81 rated critical and 513 rated high severity. The average CVSS score for CWE-98 vulnerabilities is 8.1.
External reference: View CWE-98 on MITRE CWE →
Monitor CWE-98 Vulnerabilities
Get alerted when new CWE-98 CVEs affect your infrastructure.
Start Monitoring Free