CVE-2025-68886
PHP Local File Inclusion in Cookiteer
Publication date: 2026-06-02
Last updated on: 2026-06-02
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| androthemes | cookiteer | From 1.0.0 (inc) to 1.4.8 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The Local File Inclusion (LFI) vulnerability in the Cookiteer WordPress theme can lead to the exposure of sensitive data such as database credentials and potentially a full database takeover. This exposure of sensitive information could result in non-compliance with data protection regulations like GDPR and HIPAA, which require the protection of personal and sensitive data from unauthorized access.
Because attackers can exploit this vulnerability to access confidential information, organizations using the affected theme may face increased risk of data breaches, which can lead to regulatory penalties and loss of trust.
Can you explain this vulnerability to me?
CVE-2025-68886 is a Local File Inclusion (LFI) vulnerability in the WordPress Cookiteer Theme, versions 1.4.8 and below. It arises from improper control of filenames used in PHP include or require statements, allowing attackers to include local files on the target website.
This flaw enables attackers to potentially access sensitive files on the server, such as configuration files or database credentials, by tricking the application into loading unintended files.
How can this vulnerability impact me? :
Exploitation of this vulnerability can lead to serious security impacts including exposure of sensitive data like database credentials.
Depending on the server configuration, attackers may achieve a full database takeover, compromising the integrity, confidentiality, and availability of the affected system.
The vulnerability is actively targeted in mass-exploit campaigns, meaning websites of any size or popularity are at risk.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the temporary mitigation rule issued by Patchstack to block attacks targeting this vulnerability.
Since there is no official patch available from the theme developers yet, it is advised to update the Cookiteer theme when a new version is released.
You should also seek assistance from your hosting provider or a developer to help implement these mitigations and monitor your system for exploitation attempts.