CVE-2026-28046

Name of the Vulnerable Software and Affected Versions ThemeREX Law Office versions through 3.3.0

Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local files.

Recommendations Update to a version later than 3.3.0.