CVE-2026-28011

Name of the Vulnerable Software and Affected Versions ThemeREX Yottis versions through 1.0.10

Description The software contains an Improper Control of Filename for Include/Require Statement, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local files.

Recommendations Update to a version later than 1.0.10.