Exploit for CVE-2026-28043

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Healer - Doctor, Clinic & Medical WordPress Theme healer allows PHP Local File Inclusion.This issue affects Healer - Doctor, Clinic & Medical WordPress Theme: from n/a through <= 1.0.0.

Published: 2026-03-05

CVSS: 9.8

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Download Exploit for CVE-2026-28043 here:

http://zeroday3sv534ljdendaufcrorz67yg6iujdpaknp6zqgxaevb7okfid.onion/exploit-for-cve-2026-28043.771/

Use Tor Browser to access .onion site.

https://sonitex.com/exploit-367-cve-2026-3410/

https://sonitex.com/exploit-441-cve-2025-70240/

https://sonitex.com/exploit-391-cve-2026-24115/

https://sonitex.com/exploit-778-cve-2026-32136/

https://sonitex.com/exploit-499-cve-2025-54001/