CWE-98: CWE-98
Yearly Trend
Top Affected Vendors
All CWE-98 CVEs (608)
This CVE describes a PHP Local File Inclusion vulnerability in the MaxShop WordPress theme. Attackers can include arbitrary local files through improp...
Jan 22, 2026This vulnerability allows attackers to include local PHP files through improper filename control in the TΓΆbel WordPress theme. Attackers can potentia...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 22, 2026This CVE describes a PHP Local File Inclusion vulnerability in the Dekoro WordPress theme. Attackers can include arbitrary local files through imprope...
Jan 22, 2026This vulnerability allows attackers to include local PHP files through improper filename control in the Vango WordPress theme. Attackers can read sens...
Jan 22, 2026This CVE describes a PHP Local File Inclusion vulnerability in the iRecco Core WordPress plugin. Attackers can include arbitrary local files on the se...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper input validation in the Bajaar WordPress theme. Attackers ca...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP's include/require statements. It aff...
Jan 22, 2026This CVE describes a PHP Local File Inclusion vulnerability in the Pippo WordPress theme. Attackers can include arbitrary local files through improper...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP's include/require statements. It aff...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 22, 2026This CVE describes a PHP Local File Inclusion vulnerability in the Powerlift WordPress theme by Mikado-Themes. Attackers can exploit improper filename...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through PHP's include/require statements in the The Aisle WordPress theme. At...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper input validation in the Myour WordPress theme. Attackers can...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through PHP's include/require statements in the Mella WordPress theme. Attack...
Jan 22, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 8, 2026This vulnerability allows attackers to include local PHP files on servers running the Optimize WordPress theme, potentially leading to remote code exe...
Jan 8, 2026This CVE describes a PHP Local File Inclusion vulnerability in the Curly WordPress theme by Mikado-Themes. Attackers can include arbitrary local files...
Jan 8, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 8, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 8, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 7, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP's include/require statements. It aff...
Jan 7, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 6, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 6, 2026This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 6, 2026This vulnerability allows attackers to include local PHP files through improper filename control in the Lekker WordPress theme. Attackers can potentia...
Dec 30, 2025This vulnerability allows attackers to include arbitrary local files through PHP's include/require statements in the Inset WordPress theme. Attackers ...
Dec 18, 2025This CVE describes a PHP Local File Inclusion vulnerability in the Traveler WordPress theme. Attackers can include arbitrary local files on the server...
Dec 18, 2025This vulnerability allows attackers to include local files on the server through improper input validation in PHP include/require statements. It affec...
Dec 18, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Dec 18, 2025This vulnerability allows attackers to include local PHP files through improper filename control in the MinimogWP WordPress theme, potentially leading...
Dec 18, 2025This vulnerability allows attackers to include local files on the server through PHP's include/require statements, potentially leading to remote code ...
Dec 18, 2025This CVE describes a PHP Local File Inclusion vulnerability in the Kicker WordPress theme by axiomthemes. Attackers can include arbitrary local files ...
Dec 18, 2025This vulnerability allows attackers to include and execute arbitrary local files on the server via PHP's include/require statements in the Renewal Wor...
Dec 18, 2025This CVE describes a PHP Local File Inclusion vulnerability in the Pinevale WordPress theme. Attackers can include arbitrary local files through impro...
Dec 18, 2025This vulnerability allows attackers to include local PHP files through improper filename control in the Katelyn WordPress theme. Attackers can potenti...
Dec 18, 2025This CVE describes a PHP Local File Inclusion vulnerability in the Giardino WordPress theme that allows attackers to include arbitrary local files thr...
Dec 18, 2025This vulnerability allows attackers to include local PHP files through improper filename control in the Winger WordPress theme. Attackers can potentia...
Dec 18, 2025This CVE describes a PHP Local File Inclusion vulnerability in the DJ Rainflow WordPress theme. Attackers can include arbitrary local files from the s...
Dec 18, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Dec 18, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Dec 18, 2025This CVE describes a PHP Local File Inclusion vulnerability in the Pubzinne WordPress theme. Attackers can include arbitrary local files through impro...
Dec 18, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Dec 18, 2025This CVE describes a PHP Local File Inclusion vulnerability in the IPharm WordPress theme. Attackers can include arbitrary local files through imprope...
Dec 18, 2025This vulnerability allows attackers to include local files on the server through improper input validation in the Tripster WordPress theme. Attackers ...
Dec 18, 2025About CWE-98 (CWE-98)
Our database tracks 608 CVEs classified as CWE-98, with 81 rated critical and 513 rated high severity. The average CVSS score for CWE-98 vulnerabilities is 8.1.
External reference: View CWE-98 on MITRE CWE →
Monitor CWE-98 Vulnerabilities
Get alerted when new CWE-98 CVEs affect your infrastructure.
Start Monitoring Free