CVE-2026-22493

Name of the Vulnerable Software and Affected Versions Elated-Themes Gaspard versions n/a through 1.3

Description A flaw exists in the handling of filenames for Include/Require statements within a PHP program, specifically a PHP Remote File Inclusion issue in Elated-Themes Gaspard. This allows for PHP Local File Inclusion. The vulnerable component is related to the processing of file names used in include or require operations.

Recommendations Update Elated-Themes Gaspard to a version later than 1.3.