Skip to main content

Uppercase

1 CVEs product

Monthly

CVE-2026-39559 HIGH This Week

Local File Inclusion in the CodeSupply Co. 'Uppercase' WordPress theme versions prior to 1.2.2 allows remote unauthenticated attackers to include and disclose arbitrary local files from the web server, potentially leading to source code disclosure, credential theft, or remote code execution where log/upload poisoning is feasible. The flaw is tagged as LFI/PHP/Information Disclosure by Patchstack and carries a CVSS 8.1 (High) rating; no public exploit identified at time of analysis.

PHP Information Disclosure LFI Uppercase
NVD
CVSS 3.1
8.1
EPSS
0.3%
EPSS 0% CVSS 8.1
HIGH This Week

Local File Inclusion in the CodeSupply Co. 'Uppercase' WordPress theme versions prior to 1.2.2 allows remote unauthenticated attackers to include and disclose arbitrary local files from the web server, potentially leading to source code disclosure, credential theft, or remote code execution where log/upload poisoning is feasible. The flaw is tagged as LFI/PHP/Information Disclosure by Patchstack and carries a CVSS 8.1 (High) rating; no public exploit identified at time of analysis.

PHP Information Disclosure LFI +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy