Prowess Website Allows Attackers to Access Local Files

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.1

Prowess Website Allows Attackers to Access Local Files

CVE-2026-22446

Summary

An issue in Prowess allows hackers to access and view local files on a website. This means that sensitive information could potentially be exposed. Website owners should update to the latest version of Prowess to fix this issue.

Original title

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Prowess prowess allows PHP Local File Inclusion.This issue aff...

Original description

Vulnerability type

CWE-98 Improper Control of Filename for Include

https://patchstack.com/database/Wordpress/Theme/prowess/vulnerability/wordpress-...

Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026