CWE-98: CWE-98
Yearly Trend
Top Affected Vendors
All CWE-98 CVEs (608)
This CVE describes a Local File Inclusion vulnerability in the Puca WordPress theme that allows attackers to include arbitrary local files via imprope...
Jun 27, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 27, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 27, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 27, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 27, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 27, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 17, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 17, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 17, 2025This CVE describes a Local File Inclusion vulnerability in the Hara WordPress theme that allows attackers to include arbitrary local files via PHP's i...
Jun 17, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 17, 2025This CVE describes a PHP Local File Inclusion vulnerability in the Lasa WordPress theme. Attackers can exploit improper filename control in include/re...
Jun 17, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP's include/require statements. It aff...
Jun 17, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 17, 2025This vulnerability allows unauthenticated attackers to include and execute arbitrary PHP files on WordPress servers running the Zagg WooCommerce theme...
Jun 14, 2025This CVE describes a PHP Local File Inclusion vulnerability in the TinySalt WordPress theme. Attackers can include arbitrary local files on the server...
Jun 10, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 9, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP's include/require statements. It aff...
Jun 9, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 9, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 9, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 9, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jun 9, 2025This vulnerability allows attackers to include and execute arbitrary local PHP files on WordPress sites using the WP Smart Import plugin. Attackers ca...
May 23, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP's include/require statements. It aff...
May 23, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
May 23, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
May 23, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
May 23, 2025This vulnerability allows attackers to include local files on the server through improper input validation in the Oxpitan WordPress theme. It affects ...
May 23, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
May 23, 2025This vulnerability allows attackers to include arbitrary local files through PHP's include/require statements in the Enzio WordPress theme. Attackers ...
May 23, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
May 23, 2025The Edumall WordPress theme contains a Local File Inclusion vulnerability that allows unauthenticated attackers to include and execute arbitrary PHP f...
Apr 26, 2025This vulnerability allows attackers to include local files on the server through improper filename control in the FAT Cooming Soon WordPress plugin. A...
Apr 11, 2025This vulnerability allows attackers to include and execute arbitrary PHP files on servers running the affected WordPress plugin. It affects all WordPr...
Apr 11, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Apr 11, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Apr 11, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Apr 11, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Apr 10, 2025This vulnerability allows attackers to include local files on the server through PHP's include/require statements in the Essential Real Estate WordPre...
Apr 1, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Apr 1, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Mar 26, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP's include/require statements. It aff...
Mar 26, 2025This vulnerability allows attackers to include local files on the server through the WordPress custom-field-list-widget plugin. Attackers can potentia...
Mar 26, 2025This vulnerability allows attackers to include local files on the server through PHP's include/require statements, potentially leading to sensitive in...
Feb 25, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 22, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 22, 2025This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...
Jan 9, 2025This vulnerability allows attackers to include local files on the server through PHP's include/require statements, potentially leading to sensitive in...
Jan 7, 2025This CVE describes a PHP Local File Inclusion vulnerability in the Axeptio WordPress plugin that allows attackers to include arbitrary local files via...
Dec 18, 2024The Soledad WordPress theme contains a Local File Inclusion vulnerability that allows unauthenticated attackers to include and execute arbitrary PHP f...
Dec 6, 2024About CWE-98 (CWE-98)
Our database tracks 608 CVEs classified as CWE-98, with 81 rated critical and 513 rated high severity. The average CVSS score for CWE-98 vulnerabilities is 8.1.
External reference: View CWE-98 on MITRE CWE →
Monitor CWE-98 Vulnerabilities
Get alerted when new CWE-98 CVEs affect your infrastructure.
Start Monitoring Free