CVE-2026-22397

Name of the Vulnerable Software and Affected Versions Mikado-Themes Fleur versions through 2.0

Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Local File Inclusion.

Recommendations Versions prior to or equal to 2.0 should be updated. At the moment, there is no information about a newer version that contains a fix for this vulnerability.