Skip to main content

Itactics

1 CVEs product

Monthly

CVE-2025-69176 HIGH This Week

Local File Inclusion in the ThemeREX ITactics WordPress theme versions 1.0 and earlier allows remote unauthenticated attackers to include arbitrary files from the underlying server, leading to disclosure of sensitive configuration data and potentially PHP code execution if attacker-controlled content can be staged on the host. Tracked by Patchstack and indexed in ENISA EUVD as EUVD-2025-210182, the issue carries a CVSS 8.1 (High) score with no public exploit identified at time of analysis.

PHP Information Disclosure LFI Itactics
NVD
CVSS 3.1
8.1
EPSS
0.4%
EPSS 0% CVSS 8.1
HIGH This Week

Local File Inclusion in the ThemeREX ITactics WordPress theme versions 1.0 and earlier allows remote unauthenticated attackers to include arbitrary files from the underlying server, leading to disclosure of sensitive configuration data and potentially PHP code execution if attacker-controlled content can be staged on the host. Tracked by Patchstack and indexed in ENISA EUVD as EUVD-2025-210182, the issue carries a CVSS 8.1 (High) score with no public exploit identified at time of analysis.

PHP Information Disclosure LFI +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy