Skip to main content

Gita

1 CVEs product

Monthly

CVE-2025-69160 HIGH This Week

Unauthenticated local file inclusion in the ThemeRex Gita WordPress theme versions 1.11 and earlier allows remote attackers to include arbitrary local files via a PHP file-inclusion weakness (CWE-98), potentially exposing wp-config.php credentials and enabling further compromise. No public exploit identified at time of analysis, but the vulnerability is network-reachable without authentication and has been disclosed by Patchstack with a CVSS 3.1 base score of 8.1.

PHP Information Disclosure LFI Gita
NVD
CVSS 3.1
8.1
EPSS
0.5%
EPSS 0% CVSS 8.1
HIGH This Week

Unauthenticated local file inclusion in the ThemeRex Gita WordPress theme versions 1.11 and earlier allows remote attackers to include arbitrary local files via a PHP file-inclusion weakness (CWE-98), potentially exposing wp-config.php credentials and enabling further compromise. No public exploit identified at time of analysis, but the vulnerability is network-reachable without authentication and has been disclosed by Patchstack with a CVSS 3.1 base score of 8.1.

PHP Information Disclosure LFI +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy