What is CVE-2026-28120?

CVE-2026-28120 is a high-severity vulnerability in ThemeREX Dr.Patterson that allows PHP local file inclusion. Organizations should prioritize patching to prevent potential exploitation.

What is the severity of CVE-2026-28120?

CVE-2026-28120 has a severity rating of HIGH with a CVSS base score of 8.1.

CVE-2026-28120 | High Vulnerability in ThemeREX Dr.Patterson

CVE-2026-28120 is classified as a high-severity vulnerability due to its CVSS score of 8.1. This vulnerability allows improper control of filename for include/require statements in PHP applications, specifically affecting the ThemeREX Dr.Patterson theme, which permits local file inclusion. The risk to organizations includes unauthorized access to sensitive files, which can lead to further system compromises.

The vulnerability was published on March 5, 2026, and affects all versions of Dr.Patterson up to and including 1.3.2. Given the potential for exploitation, organizations using this theme should address the vulnerability urgently to mitigate risks associated with local file inclusion.

Currently, there is no public exploit confirmed for this vulnerability, and it has not been included in the Known Exploited Vulnerabilities (KEV) catalog. However, the high CVSS score indicates that organizations must remain vigilant and adopt proactive security measures.

Organizations should prioritize patching immediately. Delaying remediation could expose them to significant risks, including data breaches and unauthorized access to their systems.

Vulnerability Details

The vulnerability arises from improper control in the handling of PHP include/require statements, which can be exploited to include local files. This vulnerability falls under the Common Weakness Enumeration (CWE) classification CWE-98. The attack vector for this vulnerability is categorized as network-based, with a high attack complexity, requiring no privileges and no user interaction. The impacts of this vulnerability encompass high confidentiality, integrity, and availability risks.

Technical Analysis

The root cause of CVE-2026-28120 stems from a failure to properly sanitize user inputs related to file paths, allowing attackers to manipulate file inclusion mechanisms within the application. The attack complexity is high, requiring an understanding of the underlying PHP application structure. Privileges required are none, and user interaction is also not needed, making this vulnerability particularly dangerous.

Risk & Impact Analysis

The potential real-world deployment risk associated with this vulnerability includes the possibility of attackers gaining access to sensitive application files, which can lead to further attacks on the system or data leakage. Organizations using affected versions of the Dr.Patterson theme should assess their exposure and take immediate action to mitigate this risk. The urgency to address this vulnerability is heightened by its high CVSS score and the potential impact on organizational operations.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

All versions of ThemeREX Dr.Patterson up to and including 1.3.2 are affected by this vulnerability. Organizations should ensure that they are using the latest version to mitigate risks.

Mitigation & Remediation

Organizations are advised to patch the Dr.Patterson theme immediately to address this vulnerability. If a patch is unavailable, consider implementing configuration hardening to limit access to sensitive files. Regular security assessments, such as penetration testing and application security assessments can help identify vulnerabilities and ensure compliance with security best practices.

Detection Guidance

To detect potential exploitation of this vulnerability, organizations should monitor logs for unusual file access patterns, such as attempts to include unexpected files. Behavioral anomalies in application performance or responses could also indicate malicious activity. Additionally, network signatures that match specific known patterns can help in identifying attacks exploiting this vulnerability.

AppSecure Threat Intelligence Insight

CVE-2026-28120 highlights the importance of securing file inclusion mechanisms in PHP applications. The trend of local file inclusion vulnerabilities remains a significant concern within the security landscape, making it imperative for security teams to adopt proactive measures. Organizations should consider implementing comprehensive security programs that include regular security assessments, code reviews, and threat modeling. For further insights, organizations can explore our vulnerability management program design and the latest trends in vulnerability exposure severity. Additionally, reviewing the penetration testing methodology can assist in tailoring security efforts effectively.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2026-28120: High Vulnerability in ThemeREX Dr.Patterson