CVE-2025-58215
BaseFortify
Publication date: 2025-09-09
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| patchstack | ziston_theme | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-58215 is a Local File Inclusion (LFI) vulnerability in the WordPress Ziston Theme versions prior to 1.4.5. It allows unauthenticated attackers to include and display local files from the target website by exploiting improper control of filename in PHP include/require statements. This can expose sensitive information such as database credentials and potentially lead to further compromise of the website. [1]
How can this vulnerability impact me? :
This vulnerability can allow attackers to access sensitive files on your website, including database credentials, which may lead to a complete database takeover. This can result in data breaches, loss of data integrity, and availability issues for your website. Attackers may automate exploitation attempts, increasing the risk of compromise if the vulnerability is not patched. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this Local File Inclusion (LFI) vulnerability can involve monitoring web server logs for suspicious requests attempting to include local files, such as requests containing file path traversal patterns (e.g., '../') or attempts to access sensitive files like /etc/passwd. Additionally, scanning the WordPress site for the vulnerable Ziston theme version prior to 1.4.5 can help identify exposure. Specific commands might include using grep on access logs to find suspicious patterns, for example: grep -E "(\.{2}/|etc/passwd|boot.ini)" /var/log/apache2/access.log. Also, using vulnerability scanners that detect LFI issues or checking the installed theme version via WordPress CLI commands can assist in detection. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the WordPress Ziston theme to version 1.4.5 or later, which contains the fix for this vulnerability. Until the update can be applied, applying the virtual patch provided by Patchstack can help prevent exploitation. Additionally, restricting access to sensitive files via web server configuration and monitoring for suspicious activity are recommended. Ensuring that the web server and PHP configurations follow best security practices to limit file inclusion risks is also advised. [1]