← Back

Thememove

thememove

19 CVEs • 16 products

Products (16)

Click to collapse
Toggle
Makeaholic
makeaholic
2 CVEs
Edumall
edumall
2 CVEs
Minimogwp
minimogwp
2 CVEs
Insight Core
insight_core
1 CVE
Healsoul
healsoul
1 CVE
Unicamp
unicamp
1 CVE
Maxcoach
maxcoach
1 CVE
Smilepure
smilepure
1 CVE
Businext
businext
1 CVE
Medizin
medizin
1 CVE
Billey
billey
1 CVE
Aeroland
aeroland
1 CVE
Brook
brook
1 CVE
Moody
moody
1 CVE
Mitech
mitech
1 CVE
Amely
amely
1 CVE

CVEs (19)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-22708
1Thememove
1Mitech
Apr 27, 2026
Jan 8, 2026
N/A· v4
8.1 HIGH· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Mitech mitech allows PHP Local File Inclusion.This issue affects Mitech: from n/a through...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Mitech mitech allows PHP Local File Inclusion.This issue affects Mitech: from n/a through <= 2.3.4.Show less
CVE-2025-22707
1Thememove
1Moody
Apr 27, 2026
Jan 8, 2026
N/A· v4
8.1 HIGH· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Moody tm-moody allows PHP Local File Inclusion.This issue affects Moody: from n/a through...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Moody tm-moody allows PHP Local File Inclusion.This issue affects Moody: from n/a through <= 2.7.3.Show less
CVE-2025-14430
1Thememove
1Brook
Apr 27, 2026
Jan 8, 2026
N/A· v4
8.1 HIGH· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Brook brook allows PHP Local File Inclusion.This issue affects Brook: from n/a through <=...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Brook brook allows PHP Local File Inclusion.This issue affects Brook: from n/a through <= 2.9.0.Show less
CVE-2025-14429
1Thememove
1Aeroland
Apr 27, 2026
Jan 8, 2026
N/A· v4
8.1 HIGH· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove AeroLand aeroland allows PHP Local File Inclusion.This issue affects AeroLand: from n/a t...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove AeroLand aeroland allows PHP Local File Inclusion.This issue affects AeroLand: from n/a through <= 1.6.6.Show less
CVE-2025-60069
1Thememove
1Minimogwp
Apr 27, 2026
Dec 18, 2025
N/A· v4
8.1 HIGH· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove MinimogWP minimog allows PHP Local File Inclusion.This issue affects MinimogWP: from n/a...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove MinimogWP minimog allows PHP Local File Inclusion.This issue affects MinimogWP: from n/a through <= 3.9.6.Show less
CVE-2025-68062
1Thememove
1Minimogwp
Jan 29, 2026
Dec 16, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove MinimogWP minimog allows PHP Local File Inclusion.This issue affects MinimogWP: from n/a...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove MinimogWP minimog allows PHP Local File Inclusion.This issue affects MinimogWP: from n/a through <= 3.9.6.Show less
CVE-2025-68061
1Thememove
1Edumall
Apr 27, 2026
Dec 16, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove EduMall edumall allows PHP Local File Inclusion.This issue affects EduMall: from n/a thro...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove EduMall edumall allows PHP Local File Inclusion.This issue affects EduMall: from n/a through <= 4.4.7.Show less
CVE-2025-59564
1Thememove
1Edumall
Jan 29, 2026
Oct 22, 2025
N/A· v4
8.1 HIGH· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove EduMall edumall allows PHP Local File Inclusion.This issue affects EduMall: from n/a thro...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove EduMall edumall allows PHP Local File Inclusion.This issue affects EduMall: from n/a through < 4.4.5.Show less
CVE-2025-59558
1Thememove
1Billey
Jan 29, 2026
Oct 22, 2025
N/A· v4
8.1 HIGH· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Billey billey allows PHP Local File Inclusion.This issue affects Billey: from n/a through...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Billey billey allows PHP Local File Inclusion.This issue affects Billey: from n/a through < 2.1.6.Show less
CVE-2025-59555
1Thememove
1Medizin
Jan 29, 2026
Oct 22, 2025
N/A· v4
8.1 HIGH· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Medizin medizin allows PHP Local File Inclusion.This issue affects Medizin: from n/a thro...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Medizin medizin allows PHP Local File Inclusion.This issue affects Medizin: from n/a through < 1.9.7.Show less
CVE-2025-58967
1Thememove
1Businext
Apr 27, 2026
Oct 22, 2025
N/A· v4
8.1 HIGH· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Businext businext allows PHP Local File Inclusion.This issue affects Businext: from n/a t...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Businext businext allows PHP Local File Inclusion.This issue affects Businext: from n/a through < 2.4.4.Show less
CVE-2025-58958
1Thememove
1Smilepure
Apr 27, 2026
Oct 22, 2025
N/A· v4
8.1 HIGH· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove SmilePure smilepure allows PHP Local File Inclusion.This issue affects SmilePure: from n/...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove SmilePure smilepure allows PHP Local File Inclusion.This issue affects SmilePure: from n/a through < 1.8.5.Show less
CVE-2025-58206
1Thememove
1Maxcoach
Apr 23, 2026
Sep 5, 2025
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove MaxCoach maxcoach allows PHP Local File Inclusion.This issue affects MaxCoach: from n/a t...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove MaxCoach maxcoach allows PHP Local File Inclusion.This issue affects MaxCoach: from n/a through <= 3.2.5.Show less
CVE-2025-58210
1Thememove
1Makeaholic
Apr 23, 2026
Sep 3, 2025
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Missing Authorization vulnerability in ThemeMove Makeaholic makeaholic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Makeaholic: from n/a through <= 1.8.5.
CVE-2025-54701
1Thememove
1Unicamp
Apr 23, 2026
Aug 14, 2025
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Unicamp unicamp allows PHP Local File Inclusion.This issue affects Unicamp: from n/a thro...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Unicamp unicamp allows PHP Local File Inclusion.This issue affects Unicamp: from n/a through <= 2.6.3.Show less
CVE-2025-54700
1Thememove
1Makeaholic
Apr 23, 2026
Aug 14, 2025
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Makeaholic makeaholic allows PHP Local File Inclusion.This issue affects Makeaholic: from...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Makeaholic makeaholic allows PHP Local File Inclusion.This issue affects Makeaholic: from n/a through <= 1.8.4.Show less
CVE-2025-39474
1Thememove
1Amely
Apr 23, 2026
Jun 27, 2025
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThemeMove Amely amely allows SQL Injection.This issue affects Amely: from n/a through <= 3.1.4.
CVE-2025-32309
1Thememove
1Healsoul
Apr 23, 2026
May 23, 2025
N/A· v4
8.1 HIGH· v3
N/A· v2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Healsoul healsoul allows PHP Local File Inclusion.This issue affects Healsoul: from n/a t...Show more
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Healsoul healsoul allows PHP Local File Inclusion.This issue affects Healsoul: from n/a through <= 2.2.3.Show less
CVE-2021-24950
1Thememove
1Insight Core
Nov 21, 2024
Mar 14, 2022
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
The Insight Core WordPress plugin through 1.0 does not have any authorisation and CSRF checks in the insight_customizer_options_import (available to any authenticated user), does not validate user input before passing it...Show more
The Insight Core WordPress plugin through 1.0 does not have any authorisation and CSRF checks in the insight_customizer_options_import (available to any authenticated user), does not validate user input before passing it to unserialize(), nor sanitise and escape it before outputting it in the response. As a result, it could allow users with a role as low as Subscriber to perform PHP Object Injection, as well as Stored Cross-Site Scripting attacksShow less