Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.1
AncoraThemes The Mounty: Attacker can access local files
CVE-2026-22415
Summary
The Mounty, a plugin for WordPress, has a vulnerability that allows an attacker to access and view any file on your website. This is a serious issue because it could allow a hacker to steal sensitive information or cause other problems. Update The Mounty to the latest version to fix this issue.
Original title
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes The Mounty the-mounty allows PHP Local File Inclusion.This issu...
Original description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes The Mounty the-mounty allows PHP Local File Inclusion.This issue affects The Mounty: from n/a through <= 1.1.
Vulnerability type
CWE-98
Improper Control of Filename for Include
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026