CVE-2026-24609 | Elated-Themes Laurent Plugin up to 3.1 on WordPress filename control

Inserito da Angelo Barbosa | Gen 23, 2026 | CVE

A vulnerability described as critical has been identified in Elated-Themes Laurent Plugin up to 3.1 on WordPress. Impacted is an unknown function. Such manipulation leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is listed as CVE-2026-24609. The attack may be performed from remote. There is no available exploit.

CVE-2026-24609 | Elated-Themes Laurent Plugin up to 3.1 on WordPress filename control

Post correlati

CVE-2024-1155 | NI SystemLink Server/FlexLogger SystemLink Elixir Service default permission

CVE-2023-52031 | Totolink A3700R 9.1.2u.5822_B20200513 UploadFirmwareFile Privilege Escalation

CVE-2025-10891 | Google Chrome up to 140.0.7339.185 V8 integer overflow

CVE-2024-32905 | Google Android kernel link_device_memory_legacy.c circ_read out-of-bounds write