Nixpkgs Security Tracker

Dismissed

Permalink CVE-2026-27337

updated 2 weeks, 3 days ago by @LeSuisse Activity log

Created automatic suggestion 2 weeks, 3 days ago
@LeSuisse removed package haskellPackages.monad-chronicle 2 weeks, 3 days ago
@LeSuisse dismissed 2 weeks, 3 days ago

WordPress Chronicle - Lifestyle Magazine & Blog WordPress Theme theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Chronicle - Lifestyle Magazine & Blog WordPress Theme chronicle allows PHP Local File Inclusion.This issue affects Chronicle - Lifestyle Magazine & Blog WordPress Theme: from n/a through <= 1.0.

References

https://patchstack.com/database/Wordpress/Theme/chronicle/vulnerability/wordpre… vdb-entry

Affected products

chronicle

=<<= 1.0

Ignored packages (1)

pkgs.haskellPackages.monad-chronicle

These as a transformer, ChronicleT

nixos-unstable 1.1
- nixpkgs-unstable 1.1
- nixos-unstable-small 1.1
nixos-25.11 1.1
- nixos-25.11-small 1.1
- nixpkgs-25.11-darwin 1.1

Not present in nixpkgs

Suggestion detail

References

Affected products

pkgs.haskellPackages.monad-chronicle