AncoraThemes Notarius: Unapproved Files Can Be Included in PHP Code

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.1

AncoraThemes Notarius: Unapproved Files Can Be Included in PHP Code

CVE-2026-28124

Summary

The Notarius theme from AncoraThemes can allow attackers to include unauthorized PHP files, potentially allowing them to access sensitive information or execute malicious code. This issue affects Notarius versions 1.0 through 1.9. Update to a fixed version to prevent this risk.

Original title

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Notarius notarius allows PHP Local File Inclusion.This issue af...

Original description

nvd CVSS3.1 8.1

Vulnerability type

CWE-98 Improper Control of Filename for Include

https://patchstack.com/database/Wordpress/Theme/notarius/vulnerability/wordpress...

Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026