CVE-2023-25998
BaseFortify
Publication date: 2025-06-27
Last updated on: 2026-04-28
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Local File Inclusion (LFI) issue in the Samex - Clean, Minimal Shop WooCommerce WordPress Theme (versions up to 2.6). It allows an unauthenticated attacker to include and display local files from the target website by improperly controlling the filename used in PHP include/require statements. This can expose sensitive information such as database credentials and potentially lead to a complete database takeover. [1]
How can this vulnerability impact me? :
The vulnerability can lead to the disclosure of sensitive files on the affected website, including database credentials. Depending on the website's configuration, an attacker could use this to gain full control over the database, resulting in data theft, data manipulation, or complete compromise of the website's backend. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can involve monitoring web server logs for suspicious requests attempting to exploit Local File Inclusion (LFI) vulnerabilities, such as requests including file path traversal patterns or attempts to include local files via the Samex WooCommerce WordPress Theme. Specific commands are not provided in the resources, but typical detection methods include searching access logs for patterns like "include=", "require=", or directory traversal sequences (e.g., "../") targeting the theme's endpoints. Using web application firewalls or Patchstack's virtual patching platform can also help detect and block exploitation attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the virtual patch (vPatch) provided by Patchstack, which blocks attack attempts targeting this vulnerability until an official fix is released. Since no official patch is currently available, deploying this virtual patch is the recommended action. Additionally, monitoring and restricting access to the affected theme and ensuring web application firewall protections are in place can help reduce risk. [1]