CVE-2026-27987

Name of the Vulnerable Software and Affected Versions ThemeREX The Qlean versions prior to 2.12

Description The software contains an Improper Control of Filename for Include/Require Statement issue, also known as a PHP Remote File Inclusion. This allows for PHP Local File Inclusion.

Recommendations Update to a version greater than 2.12