CVE-2026-27997

Name of the Vulnerable Software and Affected Versions ThemeREX Maxify versions through 1.0.16

Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local files.

Recommendations Update ThemeREX Maxify to a version later than 1.0.16.