CVE-2025-49942
CVE-2025-49942 affects the WordPress Gardis theme (and Gardis plugins) with a Local File Inclusion vulnerability due to improper control of filenames in include/require statements. Affected versions are Gardis up to 1.2.13. The root cause is PHP-based Local File Inclusion, enabling inclusion of l...