CVE-2025-49366

CVE-2025-49366 is a local file inclusion (LFI) vulnerability in the WordPress Hanani theme up to version 1.2.11 . The issue arises from improper control of filenames in PHP include/require statements, enabling an attacker to include local files. Affected product: AncoraThemes Hanani/Hanani WordPr...

CVE-2025-49366 WordPress Hanani theme <= 1.2.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Hanani hanani allows PHP Local File Inclusion.This issue affects Hanani: from n/a through = 1.2.11...

PT-2025-52009

Name of the Vulnerable Software and Affected Versions AncoraThemes Hanani versions through 1.2.11 Description The software contains a flaw related to improper control of filenames used in include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of...

WordPress Hanani theme <= 1.2.11 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Hanani versions = 1.2.11...