Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.1
Elated-Themes FindAll allows hackers to access your files
CVE-2026-22478
Summary
A security issue in Elated-Themes FindAll allows hackers to access your website's files by tricking the system into including malicious code from your own computer. This could lead to sensitive data being exposed or malicious actions being taken on your website. Update to version 1.5 or later to fix this issue.
Original title
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes FindAll findall allows PHP Local File Inclusion.This issue aff...
Original description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes FindAll findall allows PHP Local File Inclusion.This issue affects FindAll: from n/a through <= 1.4.
Vulnerability type
CWE-98
Improper Control of Filename for Include
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026