CVE-2026-22370 | axiomthemes Marveland Plugin up to 1.3.0 on WordPress filename control

Inserito da Angelo Barbosa | Feb 20, 2026 | CVE

A vulnerability classified as critical was found in axiomthemes Marveland Plugin up to 1.3.0 on WordPress. The affected element is an unknown function. Such manipulation leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is traded as CVE-2026-22370. The attack may be launched remotely. There is no exploit available.

CVE-2026-22370 | axiomthemes Marveland Plugin up to 1.3.0 on WordPress filename control

Post correlati

CVE-2024-30314 | Adobe Dreamweaver Desktop up to 21.3 os command injection (apsb24-39)

CVE-2024-11029 | Red Hat Enterprise Linux 9 FreeIPA API Audit exposure of sensitive system information to an unauthorized control sphere

CVE-2025-40977 | WorkDo eCommerceGo SaaS POST Request /store-ticket subject/description cross site scripting

CVE-2023-45926 | GNOME gdk-pixbuf 4fc028aa gdk_pixbuf_io_init_modules memory corruption