CVE-2025-68545
Local File Inclusion Vulnerability in thembay Nika
Publication date: 2026-02-20
Last updated on: 2026-04-27
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| thembay | nika | to 1.2.14 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-68545 is a Local File Inclusion (LFI) vulnerability in the WordPress Nika Theme versions up to and including 1.2.14. It allows an unauthenticated attacker to include local files from the target website by exploiting improper control of filename in include/require statements in PHP. This means the attacker can access files on the server that should not be accessible.
How can this vulnerability impact me? :
[{'type': 'paragraph', 'content': "This vulnerability can have severe impacts including exposure of sensitive information such as database credentials. Depending on the website's configuration, exploitation could lead to a complete database takeover. This can compromise the confidentiality, integrity, and availability of the website and its data."}] [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'CVE-2025-68545 is a Local File Inclusion (LFI) vulnerability in the WordPress Nika Theme up to version 1.2.14 that allows an attacker to include local files. Detection typically involves monitoring for suspicious HTTP requests attempting to exploit the LFI, such as requests containing file path traversal patterns or attempts to include sensitive files.'}, {'type': 'paragraph', 'content': 'While specific commands are not provided in the resources, common detection methods include inspecting web server logs for suspicious parameters or payloads that include file paths, for example using grep commands on access logs to find attempts to include files:'}, {'type': 'list_item', 'content': 'grep -iE "(\\.|%2e){2,}/" /var/log/apache2/access.log'}, {'type': 'list_item', 'content': 'grep -i "include" /var/log/apache2/access.log'}, {'type': 'paragraph', 'content': 'Additionally, web application firewalls (WAFs) or intrusion detection systems (IDS) with rules targeting LFI attacks can help detect exploitation attempts.'}] [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate and most effective mitigation step is to update the WordPress Nika Theme to version 1.2.15 or later, where this vulnerability has been patched.
Before updating, Patchstack provides mitigation rules that can be applied to block attacks attempting to exploit this vulnerability.
Users are strongly advised to apply these mitigation rules or use automated protection services if available, and then promptly update the theme to prevent exploitation.