CVE-2025-58950 | axiomthemes Lione Plugin up to 1.16 on WordPress filename control

Inserito da Angelo Barbosa | Dic 18, 2025 | CVE

A vulnerability identified as critical has been detected in axiomthemes Lione Plugin up to 1.16 on WordPress. This vulnerability affects unknown code. The manipulation leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is documented as CVE-2025-58950. The attack can be initiated remotely. There is not any exploit available.

CVE-2025-58950 | axiomthemes Lione Plugin up to 1.16 on WordPress filename control

Post correlati

CVE-2023-46360 | Hardy Barth cPH2 eCharge Ladestation up to 1.87.0 unnecessary privileges

CVE-2024-8047 | Visual Sound Plugin up to 1.06 on WordPress Setting cross-site request forgery

CVE-2024-54664 | Veritas NetBackup up to 10.4 on Windows Local Privilege Escalation

CVE-2024-13659 | Listamester Plugin up to 2.3.4 on WordPress cross site scripting