WordPress Bookory theme <= 2.2.7 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Bookory versions = 2.2.7...

WordPress Bookory theme <= 2.2.7 - Local File Inclusion vulnerability

Software : Bookory Type : Theme Vulnerable versions : = 2.2.7 Fixed in : 2.2.8 OWASP Top 10 : A3: Injection Classification : Local File Inclusion CVE ID : CVE-2025-68530 Patchstack priority : Low CVSS severity : 7.5 Required privilege : Contributor Developer : Claim ownership PSID : 314b30db47fa...

CVE-2025-68530

CVE-2025-68530 affects the WordPress plugin/theme Bookory . The Wordfence entry documents an authenticated Local File Inclusion (LFI) via improper control of the filename used in PHP include/require, labeled as Authenticated (Contributor+) Local File Inclusion in Bookory &lt;= 2.2.7. The vulnerab...

CVE-2025-68530 WordPress Bookory theme <= 2.2.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in pavothemes Bookory bookory allows PHP Local File Inclusion.This issue affects Bookory: from n/a through = 2.2.7...

CVE-2025-68530 WordPress Bookory theme <= 2.2.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in pavothemes Bookory bookory allows PHP Local File Inclusion.This issue affects Bookory: from n/a through = 2.2.7...