- Description
- The Madara – Responsive and modern WordPress theme for manga sites theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.2 via the 'template' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.
- Source
- security@wordfence.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security@wordfence.com
- CWE-22
- Hype score
- Not currently trending
CVE-2025-4524 (CVSS:9.8, CRITICAL) is Awaiting Analysis. The Madara – Responsive and modern WordPress theme for manga sites theme for WordPress is vulnerable to Local File Inclu..https://t.co/YzO7wzHfKY #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
26 May 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-4524 The Madara – Responsive and modern WordPress theme for manga sites theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.2… https://t.co/XIIKlMPdop
@CVEnew
21 May 2025
410 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-4524: CRITICAL] Vulnerable Madara WordPress theme allows unauthenticated attackers to execute arbitrary PHP files via Local File Inclusion. Sensitive data can be accessed or code executed.#cve,CVE-2025-4524,#cybersecurity https://t.co/q4enlmaxZt https://t.co/4xbW8kdbzR
@CveFindCom
21 May 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes