CYBERHAWK / CVE / CVE-2026-6261

CVE-2026-6261

Betheme

HIGH CVSS 8.8 vibe

The flaw

Arbitrary file upload via upload_icons() function allows authenticated users to achieve RCE.

What to do

Update Betheme WordPress theme to version 28.5 or later

▸ Scan my repo for CVE-2026-6261

References

NVD CISA KEV OSV GitHub Advisory MITRE News search
First seen 2026-05-08 · Tracked by PickBits CyberHawk · Weekly CVE digest
← All CVEs RSS Scheduled audits