Emphires Allows Malicious File Access on Local System

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Emphires Allows Malicious File Access on Local System

CVE-2026-39677

Summary

A security weakness in Emphires allows hackers to access sensitive files on your local system. This means a malicious user could potentially view or modify your sensitive data. You should update to the latest version of Emphires immediately to fix this issue.

Original title

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Creatives_Planet Emphires emphires allows PHP Local File Inclusion.This issu...

Original description

Vulnerability type

CWE-98 Improper Control of Filename for Include

https://patchstack.com/database/Wordpress/Theme/emphires/vulnerability/wordpress...

Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026