CVE-2025-59564
Published: 22 October 2025
Description
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Security Summary
CVE-2025-59564 is an Improper Control of Filename for Include/Require Statement in PHP Program vulnerability (CWE-98), described as enabling PHP Local File Inclusion, in the ThemeMove EduMall WordPress theme. The issue affects EduMall versions before 4.4.5; the lower bound of the affected range is listed as n/a.
Unauthenticated remote attackers (AV:N/PR:N/UI:N) can exploit this vulnerability over the network with high attack complexity (AC:H) and unchanged scope (S:U), potentially achieving high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H), resulting in a CVSS v3.1 base score of 8.1.
The Patchstack advisory details this Local File Inclusion vulnerability in the WordPress EduMall theme and indicates it is addressed in version 4.4.5.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
An unauthenticated remote LFI in a public-facing WordPress theme enables T1190 (Exploit Public-Facing Application) and facilitates T1005 (Data from Local System) via arbitrary local file reads.