CVE-2025-68061

CVE-2025-68061 affects the WordPress ThemeMove EduMall theme (EduMall,

CVE-2025-68061 WordPress EduMall theme <= 4.4.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove EduMall edumall allows PHP Local File Inclusion.This issue affects EduMall: from n/a through = 4.4.7...

CVE-2025-68061 WordPress EduMall theme <= 4.4.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove EduMall edumall allows PHP Local File Inclusion.This issue affects EduMall: from n/a through = 4.4.7...

CVE-2025-59564 WordPress EduMall Theme < 4.4.5 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove EduMall edumall allows PHP Local File Inclusion.This issue affects EduMall: from n/a through 4.4.5...

CVE-2025-59564

The CVE describes a PHP Local File Inclusion in WordPress EduMall Theme prior to version 4.4.5 caused by improper control of the filename in an include/require statement. Affected product: WordPress EduMall Theme

WordPress EduMall Theme < 4.4.5 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme EduMall versions 4.4.5...

CVE-2025-2101

The Edumall theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.4 via the 'template' parameter of the 'edumalllazyloadtemplate' AJAX action. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the serve...

CVE-2025-2101

The Edumall theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.4 via the 'template' parameter of the 'edumalllazyloadtemplate' AJAX action. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the serve...

CVE-2025-2101 Edumall <= 4.2.4 - Unauthenticated Local File Inclusion

The Edumall theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.4 via the 'template' parameter of the 'edumalllazyloadtemplate' AJAX action. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the serve...

CVE-2025-2101 Edumall <= 4.2.4 - Unauthenticated Local File Inclusion

The Edumall theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.4 via the 'template' parameter of the 'edumalllazyloadtemplate' AJAX action. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the serve...

CVE-2025-2101

CVE-2025-2101 (Edumall theme for WordPress) Unauthenticated Local File Inclusion via the template parameter of the edumall_lazy_load_template AJAX action affects Edumall

PT-2025-17957 · WordPress · Edumall

Name of the Vulnerable Software and Affected Versions: Edumall theme for WordPress versions up to, and including, 4.2.4 Description: The issue allows unauthenticated attackers to include and execute arbitrary PHP files on the server via the template parameter of the 'edumall lazy load template'...

WordPress EduMall Theme <= 4.2.4 is vulnerable to Local File Inclusion

Software EduMall Type Theme Vulnerable versions = 4.2.4 Fixed in 4.3.0 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2025-2101 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID ce27fee25f49 Credits Tonn Required privilege Unauthenticated Published ...