{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27991", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-02-25T12:12:49.964Z", "datePublished": "2026-03-05T05:54:05.713Z", "dateUpdated": "2026-04-28T16:45:29.998Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://themeforest.net", "defaultStatus": "unaffected", "packageName": "avventure", "product": "Avventure", "vendor": "ThemeREX", "versions": [{"lessThanOrEqual": "1.1.12", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Bonds | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:05:28.433Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Avventure avventure allows PHP Local File Inclusion.<p>This issue affects Avventure: from n/a through <= 1.1.12.</p>"}], "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Avventure avventure allows PHP Local File Inclusion.This issue affects Avventure: from n/a through <= 1.1.12."}], "impacts": [{"capecId": "CAPEC-252", "descriptions": [{"lang": "en", "value": "PHP Local File Inclusion"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-98", "description": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:15:03.827Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Theme/avventure/vulnerability/wordpress-avventure-theme-1-1-12-local-file-inclusion-vulnerability?_s_id=cve"}], "title": "WordPress Avventure theme <= 1.1.12 - Local File Inclusion vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-06T18:33:08.830154Z", "id": "CVE-2026-27991", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T16:45:29.998Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27991", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-02-25T12:12:49.964Z", "datePublished": "2026-03-05T05:54:05.713Z", "dateUpdated": "2026-04-28T16:45:29.998Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://themeforest.net", "defaultStatus": "unaffected", "packageName": "avventure", "product": "Avventure", "vendor": "ThemeREX", "versions": [{"lessThanOrEqual": "1.1.12", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Bonds | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:05:28.433Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Avventure avventure allows PHP Local File Inclusion.<p>This issue affects Avventure: from n/a through <= 1.1.12.</p>"}], "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Avventure avventure allows PHP Local File Inclusion.This issue affects Avventure: from n/a through <= 1.1.12."}], "impacts": [{"capecId": "CAPEC-252", "descriptions": [{"lang": "en", "value": "PHP Local File Inclusion"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-98", "description": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:15:03.827Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Theme/avventure/vulnerability/wordpress-avventure-theme-1-1-12-local-file-inclusion-vulnerability?_s_id=cve"}], "title": "WordPress Avventure theme <= 1.1.12 - Local File Inclusion vulnerability"}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-27991", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-06T18:33:08.830154Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-06T18:32:59.081Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Avventure avventure allows PHP Local File Inclusion.This issue affects Avventure: from n/a through <= 1.1.12."}, {"lang": "es", "value": "Control inadecuado del nombre de fichero para la declaraci\u00f3n Include/Require en programa PHP (vulnerabilidad 'Inclusi\u00f3n Remota de Ficheros PHP') en ThemeREX Avventure avventure permite Inclusi\u00f3n Local de Ficheros PHP. Este problema afecta a Avventure: desde n/a hasta &lt;= 1.1.12."}], "id": "CVE-2026-27991", "lastModified": "2026-04-22T21:26:58.303", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-05T06:16:31.460", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Theme/avventure/vulnerability/wordpress-avventure-theme-1-1-12-local-file-inclusion-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-98"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.1.12]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Avventure", "source": "cna", "vendor": "ThemeREX"}, "product": "avventure", "vendor": "themerex"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-16T05:05:21.020087+00:00", "value": {"mitigation_remediation": ["Upgrade the Avventure theme to a version newer than 1.1.12 or apply the security patch released by ThemeREX.", "If an upgrade cannot be performed immediately, remove or comment out the vulnerable include/require statement in the theme\u2019s code, or replace it with a safe file inclusion mechanism.", "Implement input validation or a whitelist against the filename parameter, and consider deploying a web application firewall to detect and block file\u2011inclusion attempts."], "summary": {"action": "Immediate Patch", "impact": "Local File Inclusion"}, "threat_synthesis": {"affected_systems": "The issue applies to WordPress installations using the ThemeREX Avventure theme up to and including version 1.1.12. Any site that has installed this theme version or an earlier release is exposed to the flaw.", "description_and_impact": "This vulnerability arises from improper control of the filename used in an include/require statement within the Avventure WordPress theme, exposing it to local file inclusion. An attacker who can influence the filename can read arbitrary files on the server and potentially trigger execution of those files via PHP. The flaw corresponds to CWE-98, which is an improper input handling weakness that permits inclusion of unintended files.", "risk_and_exploitability": "With a CVSS score of 8.1 the vulnerability is considered high severity, and the EPSS score of less than 1% indicates that exploitation attempts are uncommon. The flaw is not listed in CISA\u2019s Known Exploited Vulnerabilities catalog. Based on the description, an attacker might exploit the flaw by manipulating the theme\u2019s filename parameter, for example via a crafted URL or form input, to trigger the vulnerable include. The effectiveness of such an attack depends on the site\u2019s exposure to external traffic."}}}}, "created": "2026-03-06T15:11:50.411088+00:00", "updated": "2026-04-16T05:15:25.468420+00:00", "vendors": ["themerex", "themerex$PRODUCT$avventure", "wordpress", "wordpress$PRODUCT$wordpress"]}