2 matches found
CVE-2026-28030 WordPress Bonbon theme <= 1.6 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Bonbon bonbon allows PHP Local File Inclusion.This issue affects Bonbon: from n/a through = 1.6...
CVE-2026-28030
CVE-2026-28030 corresponds to a Local File Inclusion in the WordPress ThemeREX Bonbon theme (bonbon) affecting versions up to 1.6. The vulnerability arises from improper control of the filename used in PHP include/require statements, enabling LFI. The public documents confirm the affected softwar...