{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-22508", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-01-07T13:44:36.067Z", "datePublished": "2026-03-25T16:14:26.112Z", "dateUpdated": "2026-03-26T18:31:41.230Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://themeforest.net", "defaultStatus": "unaffected", "packageName": "dentalux", "product": "Dentalux", "vendor": "AncoraThemes", "versions": [{"lessThanOrEqual": "<= 3.3", "status": "affected", "version": "n/a", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) | Patchstack Bug Bounty Program"}], "datePublic": "2026-03-25T17:12:09.301Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Dentalux dentalux allows PHP Local File Inclusion.<p>This issue affects Dentalux: from n/a through <= 3.3.</p>"}], "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Dentalux dentalux allows PHP Local File Inclusion.This issue affects Dentalux: from n/a through <= 3.3."}], "impacts": [{"capecId": "CAPEC-252", "descriptions": [{"lang": "en", "value": "PHP Local File Inclusion"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-98", "description": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:14:26.112Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Theme/dentalux/vulnerability/wordpress-dentalux-theme-3-3-local-file-inclusion-vulnerability?_s_id=cve"}], "title": "WordPress Dentalux theme <= 3.3 - Local File Inclusion vulnerability"}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-22508", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-26T18:24:49.772133Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T18:31:41.230Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-22508", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-26T18:24:49.772133Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T18:26:15.735Z"}}], "cna": {"title": "WordPress Dentalux theme <= 3.3 - Local File Inclusion vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-252", "descriptions": [{"lang": "en", "value": "PHP Local File Inclusion"}]}], "affected": [{"vendor": "AncoraThemes", "product": "Dentalux", "versions": [{"status": "affected", "version": "n/a", "versionType": "custom", "lessThanOrEqual": "<= 3.3"}], "packageName": "dentalux", "collectionURL": "https://themeforest.net", "defaultStatus": "unaffected"}], "datePublic": "2026-03-25T17:12:09.301Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Theme/dentalux/vulnerability/wordpress-dentalux-theme-3-3-local-file-inclusion-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Dentalux dentalux allows PHP Local File Inclusion.This issue affects Dentalux: from n/a through <= 3.3.", "supportingMedia": [{"type": "text/html", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Dentalux dentalux allows PHP Local File Inclusion.<p>This issue affects Dentalux: from n/a through <= 3.3.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-98", "description": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:14:26.112Z"}}}, "cveMetadata": {"cveId": "CVE-2026-22508", "state": "PUBLISHED", "dateUpdated": "2026-03-26T18:31:41.230Z", "dateReserved": "2026-01-07T13:44:36.067Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-25T16:14:26.112Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Dentalux dentalux allows PHP Local File Inclusion.This issue affects Dentalux: from n/a through <= 3.3."}, {"lang": "es", "value": "Control inadecuado del nombre de fichero para la declaraci\u00f3n Include/Require en el programa PHP (vulnerabilidad 'Inclusi\u00f3n Remota de Ficheros PHP') en AncoraThemes Dentalux dentalux permite la Inclusi\u00f3n Local de Ficheros PHP. Este problema afecta a Dentalux: desde n/a hasta &lt;= 3.3."}], "id": "CVE-2026-22508", "lastModified": "2026-03-26T19:16:34.810", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-25T17:16:33.007", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Theme/dentalux/vulnerability/wordpress-dentalux-theme-3-3-local-file-inclusion-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-98"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,3.3]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "dentalux", "vendor": "ancorathemes"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-03-25T17:22:55.329776+00:00", "value": {"mitigation_remediation": ["Upgrade the Dentalux theme to the latest version (3.4 or newer).", "Ensure that any include paths used by the theme are validated and restricted, preventing external influence.", "Consult the AncoraThemes website or WordPress plugin repository for additional security advisories or patches."], "summary": {"action": "Apply Patch", "impact": "Local File Inclusion leading to potential remote code execution"}, "threat_synthesis": {"affected_systems": "The flaw affects the AncoraThemes Dentalux WordPress theme through version 3.3, meaning any installation of Dentalux up to and including 3.3 is susceptible.", "description_and_impact": "This vulnerability arises from insufficient validation of the filename used in PHP include/require statements, allowing an attacker to manipulate the include path and read or execute arbitrary local files. By exploiting the flaw, an attacker could compromise the confidentiality of sensitive data, alter application logic, or execute arbitrary code, thereby undermining the integrity and availability of the affected WordPress site.", "risk_and_exploitability": "The CVSS score is not disclosed in the data, and no EPSS value is available. The vulnerability is not listed in the CISA KEV catalog, indicating no currently known widespread exploitation. Based on the description, the likely attack vector requires an attacker to provide a crafted input that influences the file inclusion path\u2014either via URL parameters or form fields. Once triggered, the flaw could enable remote code execution if the attacker can supply malicious content or gain elevated privileges. The risk remains high due to the potential severity of the impact, even though specific exploitation evidence is not reported."}}}}, "created": "2026-03-25T21:35:12.264061+00:00", "updated": "2026-03-26T11:40:26.064917+00:00", "vendors": ["ancorathemes", "ancorathemes$PRODUCT$dentalux", "wordpress", "wordpress$PRODUCT$wordpress"]}