2 matches found
CVE-2026-27991 WordPress Avventure theme <= 1.1.12 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Avventure avventure allows PHP Local File Inclusion.This issue affects Avventure: from n/a through = 1.1.12...
CVE-2026-27991
CVE-2026-27991 refers to a Local File Inclusion in the WordPress theme Avventure (ThemeREX) up to version 1.1.12. The vulnerability arises from improper control of include/require filename in a PHP program, enabling unauthenticated LFI. Public sources (Wordfence, PatchStack, CVE records) indicate...