Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.1
Meals & Wheels Theme: Malicious Files Can Be Accessed
CVE-2026-27992
Summary
A security issue in Meals & Wheels theme for WordPress allows hackers to access local files on the website. This could lead to sensitive information being stolen or malicious code being executed. Update to the latest version (1.1.13 or later) to fix this issue.
Original title
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Meals & Wheels meals-wheels allows PHP Local File Inclusion.This is...
Original description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Meals & Wheels meals-wheels allows PHP Local File Inclusion.This issue affects Meals & Wheels: from n/a through <= 1.1.12.
Vulnerability type
CWE-98
Improper Control of Filename for Include
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026