Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.1
Wabi-Sabi Theme Allows Access to Local Files
CVE-2026-22431
Summary
A security issue in the Wabi-Sabi theme for websites allows an attacker to access and potentially read sensitive files on the server. This could lead to sensitive information being exposed or even allow an attacker to execute malicious code. To protect your site, update to the latest version of the Wabi-Sabi theme.
Original title
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Wabi-Sabi wabi-sabi allows PHP Local File Inclusion.This issue ...
Original description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Wabi-Sabi wabi-sabi allows PHP Local File Inclusion.This issue affects Wabi-Sabi: from n/a through <= 1.2.
Vulnerability type
CWE-98
Improper Control of Filename for Include
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026