CVE-2026-28094

Name of the Vulnerable Software and Affected Versions ThemeREX RexCoin versions through 1.2.6

Description The software contains a flaw related to improper control of filenames used in include/require statements, potentially leading to PHP Local File Inclusion.

Recommendations Update ThemeREX RexCoin to a version greater than 1.2.6.