Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.1
AncoraThemes Zio Alberto: Malicious Files Can Be Loaded
CVE-2026-22374
Summary
An error in the Zio Alberto theme allows attackers to load and run malicious PHP files, which can compromise your website's security. This is a serious issue that affects versions up to 1.2.2 of the theme. To protect your site, update to the latest version or ask your developer to fix this issue.
Original title
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Zio Alberto zioalberto allows PHP Local File Inclusion.This iss...
Original description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Zio Alberto zioalberto allows PHP Local File Inclusion.This issue affects Zio Alberto: from n/a through <= 1.2.2.
nvd CVSS3.1
8.1
Vulnerability type
CWE-98
Improper Control of Filename for Include
Published: 20 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026