4 matches found
CVE-2026-27335
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Ekoterra - NonProfit, Green Energy & Ecology Theme ekoterra allows PHP Local File Inclusion.This issue affects Ekoterra - NonProfit, Green Energy & Ecology Theme: fr...
CVE-2026-27335
CVE-2026-27335 concerns the Ekoterra WordPress theme (AncoraThemes Ekoterra, NonProfit, Green Energy & Ecology Theme) with versions through 1.0.0. Public records describe an improper control of filenames for Include/Require in PHP, effectively a Local File Inclusion (LFI) vulnerability. Reported ...
PT-2026-23229
Name of the Vulnerable Software and Affected Versions AncoraThemes Ekoterra - NonProfit, Green Energy & Ecology Theme versions through 1.0.0 Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Local File...
WordPress Alone Code Injection Vulnerability
WordPress Alone is a theme designed for nonprofit organizations, primarily for the WordPress platform. WordPress Alone suffers from a code injection vulnerability that stems from improper code generation controls, no details of the vulnerability are provided at this time...