CVE-2025-68908
BaseFortify
Publication date: 2026-01-22
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| patchstack | barberry | to 2.9.9.87 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this Local File Inclusion (LFI) vulnerability in the Barberry WordPress theme can be done by monitoring for attempts to include local files via HTTP requests targeting the theme. While no specific commands are provided, you can inspect web server logs for suspicious requests containing file inclusion patterns such as attempts to include files like /etc/passwd or other sensitive files. Additionally, deploying the Patchstack mitigation rule can help detect and block exploitation attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the Patchstack mitigation rule provided to block attacks exploiting this vulnerability until an official patch is released. Since no official fix is available as of the publication date, deploying this mitigation rule is recommended to protect affected sites. Additionally, monitoring and restricting access to the vulnerable Barberry theme and limiting file inclusion capabilities can help reduce risk. [1]
Can you explain this vulnerability to me?
CVE-2025-68908 is a Local File Inclusion (LFI) vulnerability in the WordPress Barberry Theme up to version 2.9.9.87. It allows unauthenticated attackers to include and display local files from the target website. This can expose sensitive information such as database credentials and potentially lead to a complete database takeover depending on the website's configuration. [1]
How can this vulnerability impact me? :
This vulnerability can allow attackers to access and display sensitive local files on your website, potentially exposing critical information like database credentials. Exploiting this flaw could lead to a complete takeover of your database, severely compromising your website's security and data integrity. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows unauthenticated attackers to include and display local files from the target website, potentially exposing sensitive information such as database credentials. Exposure of sensitive data could lead to non-compliance with data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive information. Therefore, exploitation of this vulnerability may result in violations of these standards due to unauthorized data disclosure. [1]