CVE-2025-28945
BaseFortify
Publication date: 2025-06-09
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Local File Inclusion (LFI) issue in the Valen - Sport, Fashion WooCommerce WordPress Theme up to version 2.4. It allows unauthenticated attackers to include and display local files from the target website by exploiting improper control of filenames in PHP include/require statements. This can expose sensitive information such as database credentials and potentially lead to a complete database takeover depending on the website's configuration. [1]
How can this vulnerability impact me? :
The impact of this vulnerability includes unauthorized access to sensitive files on the server, exposure of confidential information like database credentials, and potentially a full database takeover. This can compromise the integrity, confidentiality, and availability of the affected website and its data. Because the vulnerability can be exploited remotely without authentication, it poses a high risk of mass exploitation. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability can negatively affect compliance with standards such as GDPR and HIPAA because it may lead to unauthorized disclosure of sensitive personal or protected health information. Exposure or compromise of such data due to this vulnerability could result in violations of data protection and privacy regulations, leading to legal and financial consequences. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this Local File Inclusion (LFI) vulnerability can involve monitoring web server logs for suspicious requests attempting to include local files, such as requests containing file path traversal patterns (e.g., ../) or attempts to access sensitive files. Specific commands depend on your environment, but common approaches include using tools like grep to search web server logs for suspicious patterns. For example, on a Linux server, you might run: grep -E "(\.{2}/|etc/passwd|boot.ini)" /var/log/apache2/access.log. Additionally, web application firewalls or intrusion detection systems can be configured to detect and alert on such exploitation attempts. Since no official patch is available, applying the Patchstack virtual patch can also help detect and block exploitation attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the Patchstack virtual patch (vPatch) which blocks exploitation attempts until an official fix is released. Users should promptly implement this virtual patch to protect their websites. Additionally, monitoring for suspicious activity and restricting access to sensitive files via server configuration can help reduce risk. If a site is suspected to be compromised, professional incident response is recommended. Since no official patched version is available, these mitigations are critical to prevent exploitation. [1]