CVE-2026-27078

Name of the Vulnerable Software and Affected Versions Mikado-Themes Emaurri versions through 1.0.1

Description A flaw exists in the handling of filenames used in include/require statements within the PHP program, specifically a PHP Remote File Inclusion issue in Mikado-Themes Emaurri. This allows for PHP Local File Inclusion. The vulnerability involves improper control of filenames, potentially leading to unauthorized access or execution of files.

Recommendations Update Mikado-Themes Emaurri to a version newer than 1.0.1.