CVE-2026-22503 WordPress Nelson theme <= 1.2.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Nelson nelson allows PHP Local File Inclusion.This issue affects Nelson: from n/a through = 1.2.0...

CVE-2026-22503 WordPress Nelson theme <= 1.2.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Nelson nelson allows PHP Local File Inclusion.This issue affects Nelson: from n/a through = 1.2.0...

CVE-2026-22503

CVE-2026-22503 relates to the WordPress Theme Nelson by ThemeREX, where an improper filename validation in PHP include/require statements leads to a PHP Local File Inclusion (LFI) vulnerability. Affected product: Nelson versions from unspecified until &lt;= 1.2.0. The NVD/Red Hat/patch sources de...

WordPress Nelson theme <= 1.2.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Nelson versions = 1.2.0...