CVE Catalog

CVE-2026-54814

HighCVSS 8.1
Published: Updated: Translated: NVD NIST

Summary

CVE-2026-54814 describes improper control of filename for include/require statements in PHP, allowing for local file inclusion. This affects the Motors theme from n/a through 1.4.109.

Risk Assessment

This vulnerability may lead to unauthorized access to system files, jeopardizing the integrity and confidentiality of data within the organization.

Recommendation

It is recommended to update the Motors theme to the latest version to mitigate this vulnerability and review the security of the PHP application.

Original NVD description (English source)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in StylemixThemes Motors allows PHP Local File Inclusion. This issue affects Motors: from n/a through 1.4.109.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS