CVE-2026-39553 | Select-Themes WaveRide Plugin up to 1.4 on WordPress filename control

A vulnerability classified as problematic has been found in Select-Themes WaveRide Plugin up to 1.4 on WordPress. Impacted is an unknown function. This manipulation causes improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability appears as CVE-2026-39553. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More