PT-2026-23165 · Ancorathemes · The Mounty

Tran Nguyen Bao Khanh

Published

2026-03-05

Updated

2026-03-08

CVE-2026-22415

CVSS v3.1

8.1

High

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions AncoraThemes The Mounty versions through 1.1

Description The software contains a flaw related to improper control of filename for include/require statements, potentially leading to PHP Local File Inclusion. The issue is present in AncoraThemes The Mounty.

Recommendations Versions prior to and including 1.1 should be updated.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-98

Related Identifiers

CVE-2026-22415

Affected Products

The Mounty

PT-2026-23165 · Ancorathemes · The Mounty

CVE-2026-22415

Weakness Enumeration

Related Identifiers

Affected Products

References · 3