CVE-2025-49251
BaseFortify
Publication date: 2025-06-17
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-49251 is a Local File Inclusion (LFI) vulnerability in the WordPress Fana Theme up to version 1.1.28. It allows unauthenticated attackers to include and display local files from the target website by exploiting improper control of filename for include/require statements in PHP. This can expose sensitive files such as those containing database credentials, potentially leading to further compromise. [1]
How can this vulnerability impact me? :
Exploiting this vulnerability can allow attackers to access sensitive files on the server, such as database credentials, which may lead to a complete database takeover depending on the server configuration. This can result in data breaches, unauthorized access, and potentially full control over the affected system. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability can lead to unauthorized access and exposure of sensitive data, which may result in non-compliance with data protection regulations such as GDPR and HIPAA. Organizations affected by this vulnerability risk violating these standards due to potential data breaches and inadequate protection of personal or sensitive information. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this Local File Inclusion (LFI) vulnerability can involve monitoring for unusual HTTP requests attempting to include local files via the thembay Fana theme. While specific commands are not provided, typical detection methods include inspecting web server logs for suspicious parameters in URLs that reference local files, such as attempts to include files like /etc/passwd or other sensitive files. Network intrusion detection systems (NIDS) can be configured to alert on patterns matching LFI attack signatures. Additionally, professional incident response and server-side malware scanning are recommended for compromised systems, as plugin-based scanners may be unreliable. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the virtual patch (vPatch) provided by Patchstack to block attacks targeting this vulnerability until you can update. The most effective mitigation is to update the thembay Fana theme to version 1.1.29 or later, where the vulnerability is fixed. Patchstack recommends rapid updating to prevent mass exploitation. In case of suspected compromise, professional incident response and server-side malware scanning should be conducted. [1]