CVE-2026-22420

CVE-2026-22420 pertains to the Horizon WordPress theme (AncoraThemes Horizon) with a Local File Inclusion vulnerability via improper control of the include/require filename, affecting Horizon versions up to and including 1.1. Public documentation in the connected sources confirms the vulnerabilit...

CVE-2026-22421 WordPress Quantum theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Quantum quantum allows PHP Local File Inclusion.This issue affects Quantum: from n/a through = 1.0...

CVE-2026-22419 WordPress Honor theme <= 2.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Honor honor allows PHP Local File Inclusion.This issue affects Honor: from n/a through = 2.3...

CVE-2026-22421 WordPress Quantum theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Quantum quantum allows PHP Local File Inclusion.This issue affects Quantum: from n/a through = 1.0...

CVE-2026-22420 WordPress Horizon theme <= 1.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Horizon horizon allows PHP Local File Inclusion.This issue affects Horizon: from n/a through = 1.1...

CVE-2026-22419

CVE-2026-22419 – Local File Inclusion in AncoraThemes Honor WordPress theme (vulnerable

CVE-2026-22412

CVE-2026-22412 is a Local File Inclusion vulnerability in Mikado-Themes Eona WordPress theme (versions up to 1.3). The issue arises from improper control of include/require file names in PHP, enabling LFI. Public sources (Red Hat/NVD/patch references) confirm the impact is PHP Local File Inclusio...

CVE-2026-22413

CVE-2026-22413 describes a PHP Local File Inclusion in Mikado-Themes Malgré malgre (WordPress theme) caused by improper control of filenames for include/require statements. Affected versions are Malgré

CVE-2026-22415

CVE-2026-22415 affects the WordPress theme The Mounty (AncoraThemes) up to version 1.1. It is a Local File Inclusion via improper control of filenames in include/require statements, enabling reading of local files. CVSS 3.1 Base 8.1 (HIGH), network attack, no user interaction. Affected software: ...

CVE-2026-22410

CVE-2026-22410 concerns Mikado-Themes Dolcino (WordPress Dolcino theme) with a Local File Inclusion due to Improper Control of Filename for Include/Require Statement. Affected: Dolcino versions through 1.6. Root cause: PHP Include/Require filename handling allows LFI. Impact: high severity potent...

CVE-2026-22410 WordPress Dolcino theme <= 1.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Dolcino dolcino allows PHP Local File Inclusion.This issue affects Dolcino: from n/a through = 1.6...

CVE-2026-22415 WordPress The Mounty theme <= 1.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes The Mounty the-mounty allows PHP Local File Inclusion.This issue affects The Mounty: from n/a through = 1.1...

CVE-2026-22414 WordPress Marra theme <= 1.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Marra marra allows PHP Local File Inclusion.This issue affects Marra: from n/a through = 1.2...

CVE-2026-22410 WordPress Dolcino theme <= 1.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Dolcino dolcino allows PHP Local File Inclusion.This issue affects Dolcino: from n/a through = 1.6...

CVE-2026-22413 WordPress Malgré theme <= 1.0.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Malgré malgre allows PHP Local File Inclusion.This issue affects Malgré: from n/a through = 1.0.3...

CVE-2026-22414 WordPress Marra theme <= 1.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Marra marra allows PHP Local File Inclusion.This issue affects Marra: from n/a through = 1.2...

CVE-2026-22412 WordPress Eona theme <= 1.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Eona eona allows PHP Local File Inclusion.This issue affects Eona: from n/a through = 1.3...

CVE-2026-22403 WordPress Innovio theme <= 1.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Innovio innovio allows PHP Local File Inclusion.This issue affects Innovio: from n/a through = 1.9...

CVE-2026-22408 WordPress Justicia theme <= 1.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Justicia justicia allows PHP Local File Inclusion.This issue affects Justicia: from n/a through = 1.2...

CVE-2026-22405 WordPress Overton theme <= 1.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Overton overton allows PHP Local File Inclusion.This issue affects Overton: from n/a through = 1.3...