CVE-2025-58949 WordPress Spock theme <= 1.17 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Spock spock allows PHP Local File Inclusion.This issue affects Spock: from n/a through = 1.17...

CVE-2025-58949

The CVE-2025-58949 is tied to the WordPress Spock theme (versions ≤ 1.17). The issue is an improper control of filenames for include/require, enabling PHP Local File Inclusion. Affected software/component: WordPress Spock theme. Root cause: improper filename handling in PHP includes. Impact as de...

WordPress Spock theme <= 1.17 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Spock versions = 1.17...