CVE-2025-67934 WordPress Wellspring theme < 2.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Wellspring wellspring allows PHP Local File Inclusion.This issue affects Wellspring: from n/a through 2.8...

CVE-2025-67934 WordPress Wellspring theme < 2.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Wellspring wellspring allows PHP Local File Inclusion.This issue affects Wellspring: from n/a through 2.8...

CVE-2025-67934

CVE-2025-67934 affects Wellspring (WellSpring WordPress Theme by Mikado-Themes) prior to 2.8, enabling unauthenticated Local File Inclusion via improper handling of PHP include/require filename. Wordfence notes the Wellspring

PT-2026-1909

Name of the Vulnerable Software and Affected Versions Mikado-Themes Wellspring versions prior to 2.8 Description The software contains an Improper Control of Filename for Include/Require Statement issue, also known as a PHP Local File Inclusion. This allows for the inclusion of local files. The...

WordPress Wellspring theme < 2.8 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Wellspring versions 2.8...