CVE-2025-58948 | axiomthemes Aromatica Plugin up to 1.8 on WordPress filename control

Inserito da Angelo Barbosa | Dic 18, 2025 | CVE

A vulnerability was found in axiomthemes Aromatica Plugin up to 1.8 on WordPress. It has been classified as critical. Affected is an unknown function. This manipulation causes improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is tracked as CVE-2025-58948. The attack is possible to be carried out remotely. No exploit exists.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

CVE-2025-58948 | axiomthemes Aromatica Plugin up to 1.8 on WordPress filename control

Post correlati

CVE-2024-40585 | Fortinet FortiAnalyzer log file (FG-IR-24-311)

CVE-2024-41475 | GNU Gnuboard 6.0.7 cross-domain policy

CVE-2024-42578 | Warehouse Inventory System 2.0 edit_product.php cross-site request forgery

CVE-2024-46869 | Linux Kernel up to 6.10.11/6.11.0 btintel_pcie allocation of resources (fa9e1c1b1f38/2b4545f08cc6/7ffaa2002518)