Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.1
Grit PHP Theme Allows Access to Local Files
CVE-2026-28041
Summary
The Grit theme for WordPress allows attackers to access and view local files on a website. This is a security risk because it could allow unauthorized access to sensitive information. To fix this, update to the latest version of the theme, version 1.0.2 or higher.
Original title
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Grit grit allows PHP Local File Inclusion.This issue affects Gr...
Original description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Grit grit allows PHP Local File Inclusion.This issue affects Grit: from n/a through <= 1.0.1.
nvd CVSS3.1
8.1
Vulnerability type
CWE-98
Improper Control of Filename for Include
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026