CVE-2025-49257
BaseFortify
Publication date: 2025-06-17
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-49257 is a high-severity Local File Inclusion (LFI) vulnerability in the WordPress Zota Theme up to version 1.3.8. It allows an unauthenticated attacker to include and display local files from the target website by exploiting improper control of filename for include/require statements in PHP. This can expose sensitive information such as database credentials. [1]
How can this vulnerability impact me? :
Exploiting this vulnerability can expose sensitive files and information on the affected website, including database credentials. Attackers could use this information to take over the database completely, depending on the website's configuration. This can lead to data breaches, loss of data integrity, and full system compromise. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this Local File Inclusion (LFI) vulnerability can involve monitoring for unusual HTTP requests attempting to include local files via the vulnerable theme. While specific commands are not provided, general detection methods include inspecting web server logs for suspicious URL parameters that try to include files, such as requests containing '../' sequences or attempts to access sensitive files like /etc/passwd. Additionally, server-side malware scanning and professional incident response are recommended to identify potential exploitation. Plugin-based malware scanners are not reliable as they can be tampered with. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the virtual patch (vPatch) provided by Patchstack to block attacks until you can update. The vulnerability is fixed in Zota Theme version 1.3.9 and later, so updating to the latest version is critical. It is also recommended to perform professional incident response and server-side malware scanning if compromise is suspected. Relying solely on plugin-based malware scanners is discouraged due to their susceptibility to tampering. [1]