CVE-2025-67981 WordPress Besa theme <= 2.3.15 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Besa besa allows PHP Local File Inclusion.This issue affects Besa: from n/a through = 2.3.15...

CVE-2025-67981

CVE-2025-67981 is a locally exploitable vulnerability in the WordPress theme Besa (thembay) &lt;= 2.3.15, described as an unauthenticated Local File Inclusion (LFI) due to improper control of the filename used in PHP include/require. Public sources (NVD/Red Hat/CVE list) confirm the affected prod...

CVE-2025-67981 WordPress Besa theme <= 2.3.15 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Besa besa allows PHP Local File Inclusion.This issue affects Besa: from n/a through = 2.3.15...

WordPress Besa theme <= 2.3.15 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Besa versions = 2.3.15...

WordPress Besa theme <= 2.3.15 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Besa versions = 2.3.15...

CVE-2025-67530 WordPress Besa theme <= 2.3.15 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Besa besa allows PHP Local File Inclusion.This issue affects Besa: from n/a through = 2.3.15...

CVE-2025-67530 WordPress Besa theme <= 2.3.15 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Besa besa allows PHP Local File Inclusion.This issue affects Besa: from n/a through = 2.3.15...

CVE-2025-67530

CVE-2025-67530 is a WordPress/Besa Theme vulnerability: an authenticated (Contributor+) local file inclusion (LFI) through improper handling of PHP include/require. Public detail: affected software is Besa up to version 2.3.15; the issue was identified as a Local File Inclusion via include/requir...

WordPress Besa theme <= 2.3.8 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Phat RiO - BlueRock in WordPress Theme Besa versions = 2.3.8...

WordPress Besa Theme <= 2.3.8 is vulnerable to Local File Inclusion

Software Besa Type Theme Vulnerable versions = 2.3.8 Fixed in 2.3.10 OWASP Top 10 A4: Insecure Design Classification Local File Inclusion CVE CVE-2025-49252 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID ea01ea6c86b2 Credits Phat RiO - BlueRock Required privilege...