CWE-98: CWE-98
Yearly Trend
Top Affected Vendors
All CWE-98 CVEs (608)
This CVE describes a PHP Local File Inclusion vulnerability in the Pathfinder WordPress theme. Attackers can include arbitrary local files, potentiall...
Dec 18, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Dec 18, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Dec 18, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Nov 6, 2025This vulnerability allows attackers to include local files on the server through improper input validation in the Simple Contact Forms WordPress plugi...
Nov 6, 2025This vulnerability allows attackers to include local files on the server through PHP's include/require statements in the Parkivia WordPress theme. Att...
Feb 20, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Feb 20, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Feb 20, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Feb 20, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Feb 20, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Feb 20, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Feb 20, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP's include/require statements. It aff...
Feb 20, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Feb 20, 2026This CVE describes a PHP Local File Inclusion vulnerability in the Redy WordPress theme by axiomthemes, allowing attackers to include arbitrary local ...
Feb 20, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Feb 20, 2026This CVE describes a PHP Local File Inclusion vulnerability in the PJ | Life & Business Coaching WordPress theme. Attackers can include arbitrary loca...
Feb 20, 2026This CVE describes a PHP Local File Inclusion vulnerability in the Struktur WordPress theme. Attackers can include arbitrary local files through impro...
Feb 20, 2026This vulnerability allows attackers to include local PHP files through improper filename control in the ThemeREX Gable WordPress theme. Attackers can ...
Feb 20, 2026This CVE describes a PHP Local File Inclusion vulnerability in the ThemeREX Tint WordPress theme. Attackers can exploit improper filename control in i...
Feb 20, 2026This CVE describes a PHP Local File Inclusion vulnerability in the ThemeREX Cobble WordPress theme. Attackers can include arbitrary local files throug...
Feb 20, 2026This CVE describes a PHP Local File Inclusion vulnerability in the SolverWp Portfolio Builder WordPress plugin. Attackers can exploit improper filenam...
Feb 20, 2026This vulnerability allows attackers to include local PHP files through improper filename control in the PeakShops WordPress theme. Attackers can poten...
Feb 20, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Feb 20, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Feb 20, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Feb 20, 2026This CVE describes a Local File Inclusion (LFI) vulnerability in the Hara WordPress theme that allows attackers to include arbitrary local files throu...
Feb 20, 2026This CVE describes a PHP Local File Inclusion vulnerability in the Urna WordPress theme. Attackers can exploit improper filename control in include/re...
Feb 20, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through PHP's include/require statements in the Malta WordPress theme. Attack...
Jan 22, 2026This vulnerability allows attackers to include local PHP files through improper filename control in the North WordPress theme. Attackers can potential...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP's include/require statements. It aff...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 22, 2026This vulnerability allows attackers to include local PHP files through improper filename control in the Yolox WordPress theme. Attackers can potential...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper input validation in the Hobo WordPress theme. Attackers can ...
Jan 22, 2026This CVE describes a PHP Local File Inclusion vulnerability in the Weedles WordPress theme. Attackers can include arbitrary local files through improp...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through PHP's include/require statements in the Pets Land WordPress theme. At...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through PHP's include/require statements in the Indoor Plants WordPress theme...
Jan 22, 2026This CVE describes a PHP Local File Inclusion vulnerability in the AncoraThemes Tails WordPress theme. Attackers can exploit improper filename control...
Jan 22, 2026This vulnerability allows attackers to include local PHP files through improper filename control in the Muji WordPress theme. Attackers can potentiall...
Jan 22, 2026This vulnerability allows attackers to include local PHP files through improper filename control in the Tornados WordPress theme. Attackers can potent...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 22, 2026This vulnerability allows attackers to include local PHP files through improper filename control in the PartyMaker WordPress theme. Attackers can pote...
Jan 22, 2026This CVE describes a PHP Local File Inclusion vulnerability in the DiveIt WordPress theme that allows attackers to include arbitrary local files via i...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 22, 2026This CVE describes a PHP Local File Inclusion vulnerability in the MoveMe WordPress theme. Attackers can exploit improper filename control in include/...
Jan 22, 2026About CWE-98 (CWE-98)
Our database tracks 608 CVEs classified as CWE-98, with 81 rated critical and 513 rated high severity. The average CVSS score for CWE-98 vulnerabilities is 8.1.
External reference: View CWE-98 on MITRE CWE →
Monitor CWE-98 Vulnerabilities
Get alerted when new CWE-98 CVEs affect your infrastructure.
Start Monitoring Free