{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27077", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-02-17T13:23:51.341Z", "datePublished": "2026-03-25T16:14:54.843Z", "dateUpdated": "2026-03-25T16:14:54.843Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://themeforest.net", "defaultStatus": "unaffected", "packageName": "multioffice", "product": "MultiOffice", "vendor": "Mikado-Themes", "versions": [{"lessThanOrEqual": "<= 1.2", "status": "affected", "version": "n/a", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) | Patchstack Bug Bounty Program"}], "datePublic": "2026-03-25T17:12:34.286Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes MultiOffice multioffice allows PHP Local File Inclusion.<p>This issue affects MultiOffice: from n/a through <= 1.2.</p>"}], "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes MultiOffice multioffice allows PHP Local File Inclusion.This issue affects MultiOffice: from n/a through <= 1.2."}], "impacts": [{"capecId": "CAPEC-252", "descriptions": [{"lang": "en", "value": "PHP Local File Inclusion"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-98", "description": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:14:54.843Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Theme/multioffice/vulnerability/wordpress-multioffice-theme-1-2-local-file-inclusion-vulnerability?_s_id=cve"}], "title": "WordPress MultiOffice theme <= 1.2 - Local File Inclusion vulnerability"}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes MultiOffice multioffice allows PHP Local File Inclusion.This issue affects MultiOffice: from n/a through <= 1.2."}], "id": "CVE-2026-27077", "lastModified": "2026-03-25T17:16:55.180", "metrics": {}, "published": "2026-03-25T17:16:55.180", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Theme/multioffice/vulnerability/wordpress-multioffice-theme-1-2-local-file-inclusion-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-98"}], "source": "audit@patchstack.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.2]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "MultiOffice", "source": "cna", "vendor": "Mikado-Themes"}, "product": "multioffice", "vendor": "mikado-themes"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-03-25T19:49:17.034009+00:00", "value": {"mitigation_remediation": ["Upgrade the Mikado-Themes MultiOffice theme to a version newer than 1.2 or to the latest release available from the vendor.", "Review any custom theme modifications to ensure no unsanitized include or require calls are used without validating the path against an approved whitelist.", "If an immediate upgrade cannot be performed, reduce file system permissions on the theme directory to prevent unauthorized reading or execution of files.", "Regularly verify that the core WordPress installation and other plugins are updated to the latest security releases."], "summary": {"action": "Immediate Patch", "impact": "Local File Inclusion"}, "threat_synthesis": {"affected_systems": "All WordPress installations that use the Mikado-Themes MultiOffice theme version 1.2 or earlier are affected. The vulnerability applies from the theme\u2019s initial release through to its 1.2 release, as stated in the vendor documentation.", "description_and_impact": "The vulnerability in the Mikado-Themes MultiOffice WordPress theme allows an attacker to control the filename passed to PHP include or require statements, a classic local file inclusion flaw. It is inferred that, if the attacker supplies a path to a file containing PHP code, that code could be executed with the privileges of the web server, potentially enabling the attacker to read sensitive files or compromise the site. The flaw is identified as CWE\u201198 and becomes active for any usage of the theme\u2019s file inclusion logic.", "risk_and_exploitability": "The vulnerability is considered high risk because local file inclusion can expose confidential data or allow code execution. The EPSS score is not available and the flaw is not listed in CISA\u2019s KEV catalog. Based on the description, the attack vector is presumably remote via a crafted HTTP request that supplies an invalid file path; this inference comes from the typical nature of local file inclusion attacks. Exploitation would require the attacker to supply a suitable path in a request that the theme processes, after which the specified file would be included and, if it contains malicious code, executed by the server."}}}}, "created": "2026-03-25T21:43:59.873416+00:00", "updated": "2026-03-26T11:37:57.776968+00:00", "vendors": ["mikado-themes", "mikado-themes$PRODUCT$multioffice", "wordpress", "wordpress$PRODUCT$wordpress"]}