Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.1
AncoraThemes Impacto Patronus May Download Harmful Files
CVE-2026-22375
Summary
A security issue in AncoraThemes Impacto Patronus could allow an attacker to trick the software into downloading and executing any file on the server. This could potentially lead to unauthorized access or data theft. To stay safe, update to the latest version of Impacto Patronus or contact your developer for assistance.
Original title
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Impacto Patronus impacto-patronus allows PHP Local File Inclusi...
Original description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Impacto Patronus impacto-patronus allows PHP Local File Inclusion.This issue affects Impacto Patronus: from n/a through <= 1.2.3.
nvd CVSS3.1
8.1
Vulnerability type
CWE-98
Improper Control of Filename for Include
Published: 20 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026