CVE-2025-49254
BaseFortify
Publication date: 2025-06-17
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-49254 is a Local File Inclusion (LFI) vulnerability in the WordPress Nika Theme versions up to and including 1.2.8. It allows unauthenticated attackers to include and display local files from the target website by exploiting improper control of filename for include/require statements in PHP. This means attackers can read sensitive files on the server, such as those containing database credentials. [1]
How can this vulnerability impact me? :
Exploiting this vulnerability can expose sensitive files on your server, including database credentials, potentially leading to a complete database takeover depending on the server configuration. Since no authentication is required, attackers can easily exploit this flaw, making it highly dangerous and likely to be mass exploited. This can result in data breaches, unauthorized access, and compromise of your website and backend systems. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for exploitation attempts that try to include local files via the vulnerable Nika theme. Since the vulnerability allows unauthenticated attackers to include local files, you can look for suspicious HTTP requests containing file inclusion patterns targeting the Nika theme. Patchstack suggests that plugin-based malware scanners may be unreliable, so professional incident response services are recommended if compromise is suspected. Specific commands are not provided in the resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the Nika theme to version 1.2.9 or later, where the vulnerability is fixed. Alternatively, applying the virtual patch (vPatch) provided by Patchstack can block exploitation attempts until the official patch is applied. Seeking professional incident response services is advised if you suspect compromise. [1]