WordPress The Wound Theme <= 0.0.1 is vulnerable to a high priority Local File Inclusion

High priority Mitigate with Patchstack

<= 0.0.1Vulnerable version(s)

No official fix availableFixed version

WordPress theme

No VDP

29 Jan, 2026

Get the fastest vulnerability mitigation with Patchstack!

Get started

Risks

CVSS 8.1

This vulnerability is highly dangerous and expected to become exploited.

8.1

Local File Inclusion

This could allow a malicious actor to include local files of the target website and show its output onto the screen. Files which store credentials, such as database credentials, could potentially allow complete database takeover depending on the configuration.

CVSS score is a way to evaluate and rank reported vulnerabilities in a standardized and repeatable way but which is not ideal for WordPress.

Solutions

We advise to mitigate or resolve the vulnerability immediately.

Details

Have additional information or questions about this entry? Let us know.

Go to

WordPress theme

No VDP

Timeline

Early warning sent out to Patchstack customers

29 Jan, 2026

Published by Patchstack

29 Jan, 2026

Weekly WordPress security intelligence delivered to your inbox.

WordPress The Wound Theme <= 0.0.1 is vulnerable to a high priority Local File Inclusion

Get the fastest vulnerability mitigation with Patchstack!

Risks

8.1

Local File Inclusion

Solutions

Details

Timeline

How can Patchstack provide the fastest protection?

How does Patchstack mitigate vulnerabilities?

Why would a hacker target my website?

What if my website has already been compromised?

Weekly WordPress security intelligence delivered to your inbox.