CVE-2026-22373 | AncoraThemes Fooddy Plugin up to 1.3.10 on WordPress filename control

Inserito da Angelo Barbosa | Feb 20, 2026 | CVE

A vulnerability, which was classified as critical, was found in AncoraThemes Fooddy Plugin up to 1.3.10 on WordPress. This affects an unknown function. Executing a manipulation can lead to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is handled as CVE-2026-22373. The attack can be executed remotely. There is not any exploit available.

CVE-2026-22373 | AncoraThemes Fooddy Plugin up to 1.3.10 on WordPress filename control

Post correlati

CVE-2024-1466 | Livemesh Elementor Addons Plugin up to 8.3.4 on WordPress Posts Multislider Widget cross site scripting

CVE-2025-27380 | Altium Enterprise Server up to 7.0.5 Project Release cross site scripting

CVE-2026-20055 | Cisco Packaged Contact Center Enterprise cross site scripting (cisco-sa-ucce-pcce-xss-2JVyg3uD)

CVE-2024-43291 | voidCoders Void Contact Form 7 Widget for Elementor Page Builder Plugin cross site scripting