Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.1
Cortex Theme: Malicious Files Can Be Loaded from Local PC
CVE-2026-22392
Summary
A security issue in the Cortex theme for WordPress allows an attacker to load malicious files from your own computer. This could let a hacker access sensitive data or take control of your site. To fix this, update the Cortex theme to a version higher than 1.5.
Original title
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Cortex cortex allows PHP Local File Inclusion.This issue affec...
Original description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Cortex cortex allows PHP Local File Inclusion.This issue affects Cortex: from n/a through <= 1.5.
Vulnerability type
CWE-98
Improper Control of Filename for Include
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026