Vulnerabilities > Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-25 | CVE-2025-0682 | The ThemeREX Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.33.0 via the 'trx_sc_reviews' shortcode 'type' attribute. | network, low complexity, CWE-98, 8.8 |
| 2025-01-24 | CVE-2024-45077 | IBM Maximo Asset Management 7.6.1.3 MXAPIASSET API is vulnerable to unrestricted file upload which allows authenticated low privileged user to upload restricted file types with a simple method of adding a dot to the end of the file name if Maximo is installed on Windows operating system. | network, low complexity, CWE-98, 6.5 |
| 2024-12-25 | CVE-2024-12272 | The WP Travel Engine – Elementor Widgets \| Create Travel Booking Website Using WordPress and Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.7 via several widgets. | network, low complexity, CWE-98, 8.8 |
| 2024-12-20 | CVE-2024-12571 | The Store Locator for WordPress with Google Maps – LotsOfLocales plugin for WordPress is vulnerable to Local File Inclusion in version 3.98.9 via the 'sl_engine' parameter. | network, low complexity, CWE-98, critical, 9.8 |
| 2024-12-12 | CVE-2024-12040 | The Product Carousel Slider & Grid Ultimate for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9.10 via the 'theme' attribute of the `wcpcsu` shortcode. | network, low complexity, CWE-98, 8.8 |
| 2024-10-29 | CVE-2024-10436 | The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.1 via the get_condition_value function. | network, low complexity, CWE-98, 8.8 |
| 2024-10-26 | CVE-2024-8392 | The WordPress Post Grid Layouts with Pagination – Sogrid plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.5.2 via the 'tab' parameter. | network, low complexity, CWE-98, 7.2 |