CVE-2026-28058 WordPress Dixon theme <= 1.4.2.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Dixon dixon allows PHP Local File Inclusion.This issue affects Dixon: from n/a through = 1.4.2.1...

CVE-2026-28058 WordPress Dixon theme <= 1.4.2.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Dixon dixon allows PHP Local File Inclusion.This issue affects Dixon: from n/a through = 1.4.2.1...

CVE-2026-28058

CVE-2026-28058 describes an Unauthenticated Local File Inclusion in the WordPress theme Dixon (ThemeREX Dixon, “dixon”) for versions up to and including 1.4.2.1. The issue arises from improper control of the filename in PHP include/require statements (PHP Remote File Inclusion) which, in practice...

WordPress Dixon theme <= 1.4.2.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Dixon versions = 1.4.2.1...