ByteOS Network

CVE Vulnerability Details :

CVE-2026-22375

PUBLISHED

More Info Official Page

Assigner-Patchstack

Assigner Org ID-21595511-bba5-4825-b968-b78d1f9984a3

Published At-20 Feb, 2026 | 15:47

Updated At-20 Feb, 2026 | 15:47

▼CVE Numbering Authority (CNA)

WordPress Impacto Patronus theme <= 1.2.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Impacto Patronus impacto-patronus allows PHP Local File Inclusion.This issue affects Impacto Patronus: from n/a through <= 1.2.3.

Affected Products

Vendor

AncoraThemes

Product

Impacto Patronus

Collection URL

https://themeforest.net

Package Name

impacto-patronus

Default Status

unaffected

Versions

Affected

From n/a through <= 1.2.3 (custom)

Problem Types

Type	CWE ID	Description
CWE	CWE-98	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Type: CWE

CWE ID: CWE-98

Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Impacts

CAPEC ID	Description
CAPEC-252	PHP Local File Inclusion

CAPEC ID: CAPEC-252

Description: PHP Local File Inclusion

Credits

finder

Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) | Patchstack Bug Bounty Program

References

Hyperlink	Resource
https://patchstack.com/database/Wordpress/Theme/impacto-patronus/vulnerability/wordpress-impacto-patronus-theme-1-2-3-local-file-inclusion-vulnerability?_s_id=cve	vdb-entry

Hyperlink: https://patchstack.com/database/Wordpress/Theme/impacto-patronus/vulnerability/wordpress-impacto-patronus-theme-1-2-3-local-file-inclusion-vulnerability?_s_id=cve

Resource:

vdb-entry

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References