PT-2026-27832 · Elated Themes · Neobeat
Published
2026-03-25
·
Updated
2026-03-30
·
CVE-2026-22511
CVSS v3.1
8.1
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Elated-Themes NeoBeat versions n/a through 1.2
Description
A flaw exists in the handling of filenames used in include/require statements within a PHP program, specifically a PHP Local File Inclusion issue in Elated-Themes NeoBeat. This allows for the inclusion of local files. The vulnerable component is related to file inclusion processes. The
include and require statements are affected.Recommendations
Versions prior to 1.2 should be updated.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Neobeat