Mikado-Themes Eona: Unsecured File Access via Local Files

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.1

Mikado-Themes Eona: Unsecured File Access via Local Files

CVE-2026-22412

Summary

The Eona theme from Mikado-Themes may allow attackers to access local files on your server. This is a security risk because it could let an attacker read sensitive information from your site. Update to version 1.4 or later to fix this issue.

Original title

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Eona eona allows PHP Local File Inclusion.This issue affects E...

Original description

Vulnerability type

CWE-98 Improper Control of Filename for Include

https://patchstack.com/database/Wordpress/Theme/eona/vulnerability/wordpress-eon...

Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026