Weaknesses of type CWE-98
1,231 resultsCVE-2026-8134CRITICALConcrete CMS 9.5.0 and below is vulnerable to Authenticated RCE via Composer customTemplate Path Traversal leading to PHP File InclusionEPSS 0.7%CVE-2025-0632CRITICALLocal File Inclusion (LFI) leading to sensitive data exposureEPSS 0.7%CVE-2025-2101HIGHEdumall <= 4.2.4 - Unauthenticated Local File InclusionEPSS 0.7%CVE-2025-32519HIGHWordPress IDonate plugin <= 2.1.18 - Local File Inclusion vulnerabilityEPSS 0.7%CVE-2023-49031MEDIUMDirectory Traversal (Local File Inclusion) vulnerability in Tikit (now Advanced) eMarketing platform 6.8.3.0 allows a remote attacker to reaEPSS 0.7%CVE-2026-39387HIGHBoidCMS: Local File Inclusion (LFI) leads to Remote Code Execution (RCE) via tpl parameterEPSS 0.7%CVE-2024-10436HIGHWPC Smart Messages for WooCommerce <= 4.2.1 - Authenticated (Subscriber+) Local File InclusionEPSS 0.7%CVE-2025-31015HIGHWordPress SMTP Service, Email Delivery Solved! — MailHawk plugin <= 1.3.1 - Local File Inclusion VulnerabilityEPSS 0.7%CVE-2025-39584HIGHWordPress Eventin plugin <= 4.0.25 - Local File Inclusion VulnerabilityEPSS 0.7%CVE-2025-27272HIGHWordPress VG PostCarousel plugin <= 1.1 - Local File Inclusion vulnerabilityEPSS 0.7%CVE-2025-30782HIGHWordPress Subscribe to Download Lite plugin <= 1.2.9 - Local File Inclusion vulnerabilityEPSS 0.7%CVE-2025-32692HIGHWordPress WP Subscription Forms plugin <= 1.2.4 - Local File Inclusion VulnerabilityEPSS 0.7%CVE-2021-47734HIGHCMSimple 5.4 Authenticated Local File Inclusion Remote Code ExecutionEPSS 0.7%CVE-2025-39592HIGHWordPress Subscribe to Unlock Lite plugin <= 1.3.0 - Local File Inclusion VulnerabilityEPSS 0.7%CVE-2025-30849HIGHWordPress Essential Real Estate plugin <= 5.2.0 - Local File Inclusion VulnerabilityEPSS 0.7%CVE-2024-13790CRITICALMinimogWP – The High Converting eCommerce WordPress Theme <= 3.7.0 - Unauthenticated Local PHP File InclusionEPSS 0.7%CVE-2025-13641HIGHPhoto Gallery, Sliders, Proofing and Themes – NextGEN Gallery <= 3.59.12 - Authenticated (Contributor+) Local File Inclusion via 'template'EPSS 0.7%CVE-2024-52501HIGHWordPress Office Locator plugin <= 1.3.0 - Local File Inclusion vulnerabilityEPSS 0.7%CVE-2024-52496HIGHWordPress Absolute Addons For Elementor plugin <= 1.0.14 - Local File Inclusion vulnerabilityEPSS 0.7%CVE-2024-13593HIGHBMLT Meeting Map <= 2.6.0 - Authenticated (Contributor+) Local File InclusionEPSS 0.7%