WordPress Madara Theme < 2.2.2.1 - Local File Inclusion

Madara WordPress theme = 2.2.2 contains a local file inclusion vulnerability caused by improper sanitization of the 'template' parameter, letting unauthenticated attackers execute arbitrary files on the server, exploit requires crafted request. id: CVE-2025-4524 info: name: WordPress Madara Theme...

📄 WordPress Madera 2.2.2 Local File Inclusion

WordPress Madera plugin versions 2.2.2 and below suffer from a local file inclusion vulnerability. Exploit Title: WordPress Madara Local File Inclusion Date: November 1, 2025 Exploit Author: Beatriz Fresno Naumova Vendor Homepage: WordPress Theme Madara Software Link: WordPress Theme Madara Teste...

CVE-2025-4524

The Madara – Responsive and modern WordPress theme for manga sites theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.2 via the 'template' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the...

WordPress Madara Theme <= 2.2.2 is vulnerable to Local File Inclusion

Software Madara Type Theme Vulnerable versions = 2.2.2 Fixed in 2.2.2.1 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2025-4524 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID a3266cbf8e97 Credits Kyle Bouchard ptrstr Required privilege...