CVE-2025-67940
BaseFortify
Publication date: 2026-01-22
Last updated on: 2026-01-29
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mikado-themes | powerlift | to 3.2.1 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
Exploiting this vulnerability can lead to exposure of sensitive information like database credentials and potentially a complete database takeover depending on the website's configuration. This can compromise the security and integrity of the affected website and its data. [1]
Can you explain this vulnerability to me?
CVE-2025-67940 is a Local File Inclusion (LFI) vulnerability in the WordPress Powerlift Theme versions prior to 3.2.1. It allows unauthenticated attackers to include and display local files from the target website, which can expose sensitive information such as database credentials. This vulnerability arises from improper control of filenames used in include/require statements in PHP, enabling attackers to manipulate file inclusion. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this Local File Inclusion (LFI) vulnerability can be done by monitoring web requests for suspicious include or require statements that attempt to access local files. You can use web server logs to identify requests containing typical LFI attack patterns such as directory traversal sequences (e.g., ../) or attempts to include sensitive files like /etc/passwd. Commands like 'grep' on access logs can help, for example: grep -E "(\.{2}/)+" /var/log/apache2/access.log. Additionally, using web application firewalls (WAF) with rules targeting this vulnerability can help detect and block exploit attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update the Powerlift Theme to version 3.2.1 or later, where the vulnerability is fixed. Until the update can be applied, applying Patchstack's mitigation rules to block attacks targeting this vulnerability is recommended. Using automated protection and rapid mitigation services provided by Patchstack can also help reduce risk. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows unauthenticated attackers to include and display local files from the target website, potentially exposing sensitive information such as database credentials. Exposure of sensitive data could lead to non-compliance with data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive information. Therefore, if exploited, this vulnerability could negatively impact compliance with these standards by risking unauthorized data disclosure. [1]