Weaknesses of type CWE-98
1,231 resultsCVE-2024-27971HIGHWordPress Premmerce Permalink Manager for WooCommerce plugin <= 2.3.10 - Local File Inclusion vulnerabilityEPSS 1.5%CVE-2015-10133HIGHSubscribe to Comments <= 2.1.2 - Local File IncludionEPSS 1.4%CVE-2023-5199CRITICALPHP to Page <= 0.3 - Authenticated (Subscriber+) Local File Inclusion to Remote Code Execution via ShortcodeEPSS 1.4%CVE-2025-14502CRITICALNews and Blog Designer Bundle <= 1.1 - Unauthenticated Local File InclusionEPSS 1.3%CVE-2019-5479—An unintended require vulnerability in <v0.5.5 larvitbase-api may allow an attacker to load arbitrary non-production code (JavaScript file).EPSS 1.3%CVE-2022-4446CRITICALPHP Remote File Inclusion in tsolucio/corebosEPSS 1.3%CVE-2024-10898HIGHContact Form 7 Email Add on <= 1.9 - Authenticated (Contributor+) Local File InclusionEPSS 1.3%CVE-2023-31716—FUXA <= 1.1.12 has a Local File Inclusion vulnerability via file=fuxa.logEPSS 1.2%CVE-2012-10025CRITICALWordPress Plugin Advanced Custom Fields <= 3.5.1 Remote File InclusionEPSS 1.2%CVE-2022-41547HIGHMobile Security Framework (MobSF) v0.9.2 and below was discovered to contain a local file inclusion (LFI) vulnerability in the StaticAnalyzeEPSS 1.2%CVE-2024-30849CRITICALArbitrary file upload vulnerability in Sourcecodester Complete E-Commerce Site v1.0, allows remote attackers to execute arbitrary code via fEPSS 1.1%CVE-2023-5250HIGHGrid Plus <= 1.3.3 - Authenticated (Subscriber+) Local File Inclusion via ShortcodeEPSS 1.1%CVE-2024-3499HIGHElementsKit Elementor addons <= 3.1.0 - Authenticated (Contributor+) Local File Inclusion via Onepage Scroll ModuleEPSS 1.1%CVE-2024-3500HIGHElementsKit Pro <= 3.6.0 - Authenticated (Contributor+) Local File Inclusion via Price Menu, Hotspot, and Advanced Toggle WidgetsEPSS 1.1%CVE-2024-14002HIGHNagios XI < 2024R1.1.4 Authenticated Local File Inclusion via NagVisEPSS 1.1%CVE-2024-10873HIGHLA-Studio Element Kit for Elementor <= 1.4.2 - Authenticated (Contributor+) Local File InclusionEPSS 1.1%CVE-2025-23915HIGHWordPress FAT Event Lite plugin <= 1.1 - Authenticated Non-Arbitrary Local File Inclusion vulnerabilityEPSS 1.0%CVE-2024-4936CRITICALCanto <= 3.0.8 - Unauthenticated Remote File InclusionEPSS 1.0%CVE-2024-3808HIGHPorto Theme - Functionality <= 3.1.0 - Authenticated (Contributor+) Local File Inclusion via ShortcodeEPSS 1.0%CVE-2024-3809HIGHPorto Theme - Functionality <= 3.0.9 - Authenticated (Contributor+) Local File Inclusion via Post MetaEPSS 1.0%