Skip to main content

Imba

1 CVEs product

Monthly

CVE-2025-69106 HIGH This Week

Local File Inclusion in the Imba WordPress theme versions 1.5.0 and earlier allows remote unauthenticated attackers to read arbitrary files from the underlying server. The flaw is rooted in PHP file-inclusion handling (CWE-98) and has no public exploit identified at time of analysis, but its unauthenticated network reachability makes it a notable risk for sites still running the affected ThemeREX product.

PHP Information Disclosure LFI Imba
NVD VulDB
CVSS 3.1
8.1
EPSS
0.4%
EPSS 0% CVSS 8.1
HIGH This Week

Local File Inclusion in the Imba WordPress theme versions 1.5.0 and earlier allows remote unauthenticated attackers to read arbitrary files from the underlying server. The flaw is rooted in PHP file-inclusion handling (CWE-98) and has no public exploit identified at time of analysis, but its unauthenticated network reachability makes it a notable risk for sites still running the affected ThemeREX product.

PHP Information Disclosure LFI +1
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy