{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-22416", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-01-07T12:22:01.195Z", "datePublished": "2026-03-05T05:53:36.994Z", "dateUpdated": "2026-04-28T17:07:42.897Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://themeforest.net", "defaultStatus": "unaffected", "packageName": "fixteam", "product": "FixTeam", "vendor": "AncoraThemes", "versions": [{"lessThanOrEqual": "1.5.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:04:12.445Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes FixTeam fixteam allows PHP Local File Inclusion.<p>This issue affects FixTeam: from n/a through <= 1.5.0.</p>"}], "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes FixTeam fixteam allows PHP Local File Inclusion.This issue affects FixTeam: from n/a through <= 1.5.0."}], "impacts": [{"capecId": "CAPEC-252", "descriptions": [{"lang": "en", "value": "PHP Local File Inclusion"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-98", "description": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:43.517Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Theme/fixteam/vulnerability/wordpress-fixteam-theme-1-4-local-file-inclusion-vulnerability?_s_id=cve"}], "title": "WordPress FixTeam theme <= 1.5.0 - Local File Inclusion vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-10T14:36:03.755984Z", "id": "CVE-2026-22416", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T17:07:42.897Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-22416", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-01-07T12:22:01.195Z", "datePublished": "2026-03-05T05:53:36.994Z", "dateUpdated": "2026-04-28T17:07:42.897Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://themeforest.net", "defaultStatus": "unaffected", "packageName": "fixteam", "product": "FixTeam", "vendor": "AncoraThemes", "versions": [{"lessThanOrEqual": "1.5.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:04:12.445Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes FixTeam fixteam allows PHP Local File Inclusion.<p>This issue affects FixTeam: from n/a through <= 1.5.0.</p>"}], "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes FixTeam fixteam allows PHP Local File Inclusion.This issue affects FixTeam: from n/a through <= 1.5.0."}], "impacts": [{"capecId": "CAPEC-252", "descriptions": [{"lang": "en", "value": "PHP Local File Inclusion"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-98", "description": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:43.517Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Theme/fixteam/vulnerability/wordpress-fixteam-theme-1-4-local-file-inclusion-vulnerability?_s_id=cve"}], "title": "WordPress FixTeam theme <= 1.5.0 - Local File Inclusion vulnerability"}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-22416", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-10T14:36:03.755984Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-10T14:35:28.136Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes FixTeam fixteam allows PHP Local File Inclusion.This issue affects FixTeam: from n/a through <= 1.5.0."}, {"lang": "es", "value": "Control inadecuado del nombre de fichero para la declaraci\u00f3n include/require en un programa PHP (vulnerabilidad de 'PHP Remote File Inclusion') en AncoraThemes FixTeam fixteam permite la inclusi\u00f3n local de ficheros PHP. Este problema afecta a FixTeam: desde n/a hasta &lt;= 1.4."}], "id": "CVE-2026-22416", "lastModified": "2026-04-22T21:26:58.303", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-05T06:16:15.450", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Theme/fixteam/vulnerability/wordpress-fixteam-theme-1-4-local-file-inclusion-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-98"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.4]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "fixteam", "vendor": "ancorathemes"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-16T05:34:42.797271+00:00", "value": {"mitigation_remediation": ["Upgrade the FixTeam theme to version 1.5.1 or later if an update is available.", "If an update is unavailable, replace the theme with a secure alternative or remove it entirely to avoid the inclusion point.", "Verify that the site's file inclusion mechanisms enforce strict path validation and that no legacy include statements remain vulnerable."], "summary": {"action": "Immediate Patch", "impact": "Local File Inclusion leading to potential code execution"}, "threat_synthesis": {"affected_systems": "WordPress sites that have installed AncoraThemes FixTeam version 1.5.0 or earlier are affected. The issue is present from the earliest available release up through version 1.5.0.", "description_and_impact": "The vulnerability exists in the AncoraThemes FixTeam WordPress theme and allows an attacker to manipulate the filename used in a PHP include or require statement. By providing a crafted path, the site can include local files, potentially exposing sensitive configuration files or executing arbitrary PHP code, which can compromise confidentiality, integrity, and availability of the affected WordPress installation if leveraged.", "risk_and_exploitability": "The CVSS score of 8.1 indicates high severity. While the EPSS score is below 1%, suggesting low current exploitation probability, the vulnerability is not in the KEV catalog. The attack likely requires the ability to supply a crafted request that reaches the vulnerable include statement, which may be possible without authentication if the theme does not restrict access. Once exploited, the attacker could read sensitive files or execute arbitrary code, potentially taking control of the site."}}}}, "created": "2026-03-06T15:14:35.118045+00:00", "updated": "2026-04-16T05:45:26.008910+00:00", "vendors": ["ancorathemes", "ancorathemes$PRODUCT$fixteam", "wordpress", "wordpress$PRODUCT$wordpress"]}