CVE-2026-22374 | AncoraThemes Zio Alberto Plugin up to 1.2.2 on WordPress filename control

Inserito da Angelo Barbosa | Feb 20, 2026 | CVE

A vulnerability has been found in AncoraThemes Zio Alberto Plugin up to 1.2.2 on WordPress and classified as critical. This impacts an unknown function. The manipulation leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is uniquely identified as CVE-2026-22374. The attack is possible to be carried out remotely. No exploit exists.

CVE-2026-22374 | AncoraThemes Zio Alberto Plugin up to 1.2.2 on WordPress filename control

Post correlati

CVE-2024-57997 | Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1 wcn->chan_survey initialization

CVE-2025-6936 | code-projects Simple Pizza Ordering System 1.0 /addpro.php ID sql injection

CVE-2026-21618 | hexpm hex.pm shared_authorization_view.ex cross site scripting

CVE-2024-27279 | Appleple A-Blog CMS path traversal