CVE-2025-24768
BaseFortify
Publication date: 2025-06-09
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-24768 is a Local File Inclusion (LFI) vulnerability in the WordPress Nitan Theme up to version 2.9. It allows an unauthenticated attacker to include and display local files from the target website by exploiting improper control of filename in PHP include/require statements. This can expose sensitive information such as database credentials and potentially lead to a complete database takeover. [1]
How can this vulnerability impact me? :
This vulnerability can have severe impacts including exposure of sensitive information like database credentials, which can lead to unauthorized access and a complete takeover of the website's database. Attackers can automate exploitation attempts, increasing the risk of mass exploitation. Without mitigation, affected websites are at high risk of compromise. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this Local File Inclusion vulnerability can be done by monitoring for unusual HTTP requests attempting to include local files via the vulnerable theme. Since attackers automate exploitation attempts, inspecting web server logs for suspicious include/require parameters or payloads targeting the Nitan theme is recommended. However, no specific detection commands are provided. Using web application firewalls or Patchstack's virtual patch can help block attack attempts and detect exploitation attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the virtual patch (vPatch) provided by Patchstack to block attack attempts until an official fix is released. Users should promptly deploy this virtual patch to protect their websites. Additionally, seeking professional incident response services is advised if a compromise is suspected, as plugin-based malware scanners may not reliably detect exploitation. Monitoring and blocking suspicious traffic targeting the vulnerability is also recommended. [1]