CVE-2025-69077
BaseFortify
Publication date: 2026-01-22
Last updated on: 2026-01-29
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ancorathemes | hobo | to 1.0.10 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-69077 is a Local File Inclusion (LFI) vulnerability in the WordPress Hobo Theme (versions up to 1.0.10). It allows an unauthenticated attacker to include and display local files from the target website. This means the attacker can access sensitive files on the server, such as configuration files or database credentials, by exploiting improper control of filename inputs in the PHP include/require statements. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this Local File Inclusion (LFI) vulnerability can be performed by monitoring web server logs for suspicious requests attempting to include local files via the Hobo WordPress theme. Specific commands are not provided in the resources, but typical detection involves searching for URL parameters or POST data containing file inclusion patterns such as '../' sequences or attempts to access sensitive files like /etc/passwd. Using web application firewalls (WAF) with rules targeting this vulnerability can also help detect exploitation attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the Patchstack mitigation rule designed to block attacks targeting this vulnerability, as no official patch is available yet. Users should implement this mitigation promptly to protect their websites from exploitation. Additionally, restricting file inclusion permissions and monitoring for suspicious activity are recommended until an official fix is released. [1]
How can this vulnerability impact me? :
This vulnerability can have severe impacts including exposure of sensitive information like database credentials. Exploiting this flaw could lead to a complete database takeover depending on the website's configuration. Since it requires no privileges to exploit, any attacker can potentially compromise the website, leading to data breaches and loss of control over the database. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows an attacker to include and display local files from the target website, potentially exposing sensitive information such as database credentials. This exposure of sensitive data could lead to non-compliance with data protection regulations like GDPR and HIPAA, which require the protection of personal and sensitive information. Therefore, exploitation of this vulnerability may result in violations of these standards due to unauthorized data disclosure. [1]