{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-67940", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2025-12-15T10:00:06.384Z", "datePublished": "2026-01-22T16:51:53.314Z", "dateUpdated": "2026-04-28T19:27:15.571Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://themeforest.net", "defaultStatus": "unaffected", "packageName": "powerlift", "product": "Powerlift", "vendor": "Mikado-Themes", "versions": [{"changes": [{"at": "3.2.1", "status": "unaffected"}], "lessThanOrEqual": "3.2.1", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:02:18.980Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Powerlift powerlift allows PHP Local File Inclusion.<p>This issue affects Powerlift: from n/a through < 3.2.1.</p>"}], "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Powerlift powerlift allows PHP Local File Inclusion.This issue affects Powerlift: from n/a through < 3.2.1."}], "impacts": [{"capecId": "CAPEC-252", "descriptions": [{"lang": "en", "value": "PHP Local File Inclusion"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-98", "description": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:24.379Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Theme/powerlift/vulnerability/wordpress-powerlift-theme-3-2-1-local-file-inclusion-vulnerability?_s_id=cve"}], "title": "WordPress Powerlift theme < 3.2.1 - Local File Inclusion vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-28T16:37:53.071876Z", "id": "CVE-2025-67940", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T19:27:15.571Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-67940", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-01-28T16:37:53.071876Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-28T16:37:44.172Z"}}], "cna": {"title": "WordPress Powerlift theme < 3.2.1 - Local File Inclusion vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-252", "descriptions": [{"lang": "en", "value": "PHP Local File Inclusion"}]}], "affected": [{"vendor": "Mikado-Themes", "product": "Powerlift", "versions": [{"status": "affected", "changes": [{"at": "3.2.1", "status": "unaffected"}], "version": "n/a", "versionType": "custom", "lessThanOrEqual": "< 3.2.1"}], "packageName": "powerlift", "collectionURL": "https://themeforest.net", "defaultStatus": "unaffected"}], "datePublic": "2026-01-22T17:44:01.906Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Theme/powerlift/vulnerability/wordpress-powerlift-theme-3-2-1-local-file-inclusion-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Powerlift powerlift allows PHP Local File Inclusion.This issue affects Powerlift: from n/a through < 3.2.1.", "supportingMedia": [{"type": "text/html", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Powerlift powerlift allows PHP Local File Inclusion.<p>This issue affects Powerlift: from n/a through < 3.2.1.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-98", "description": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-01-22T16:51:53.314Z"}}}, "cveMetadata": {"cveId": "CVE-2025-67940", "state": "PUBLISHED", "dateUpdated": "2026-01-29T15:23:34.041Z", "dateReserved": "2025-12-15T10:00:06.384Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-01-22T16:51:53.314Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Powerlift powerlift allows PHP Local File Inclusion.This issue affects Powerlift: from n/a through < 3.2.1."}, {"lang": "es", "value": "La vulnerabilidad de control inadecuado del nombre de fichero para la declaraci\u00f3n Include/Require en el programa PHP ('inclusi\u00f3n remota de ficheros PHP') en Mikado-Themes Powerlift powerlift permite la inclusi\u00f3n local de ficheros PHP. Este problema afecta a Powerlift: desde n/a hasta &lt; 3.2.1."}], "id": "CVE-2025-67940", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-01-22T17:16:02.843", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Theme/powerlift/vulnerability/wordpress-powerlift-theme-3-2-1-local-file-inclusion-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-98"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-27T21:36:36.374451+00:00", "value": {"mitigation_remediation": ["Upgrade the Powerlift theme to version 3.2.1 or later to eliminate the vulnerability.", "If an immediate upgrade is not possible, configure the server to disable dynamic file inclusion by setting allow_url_include to Off and applying open_basedir restrictions that limit inclusion to WordPress directories.", "Deploy web\u2011application firewall rules or input filters to block requests that attempt to reference files outside the intended directories, reducing the risk of file inclusion attacks."], "summary": {"action": "Patch Now", "impact": "Local File Inclusion that can lead to Remote Code Execution"}, "threat_synthesis": {"affected_systems": "It affects the Mikado-Themes Powerlift theme in all releases prior to version 3.2.1, which can be identified by the vendor/product name Powerlift for WordPress.", "description_and_impact": "This vulnerability originates from improper handling of filename parameters in PHP include statements, allowing an attacker to force the Powerlift theme to include arbitrary local files. The resulting local file inclusion can expose sensitive data and may be leveraged to execute malicious code, compromising the confidentiality, integrity, and availability of the affected WordPress site.", "risk_and_exploitability": "The CVSS score of 8.1 indicates a high severity, while the very low EPSS (<1%) suggests exploitation is uncommon but still possible. The vulnerability is not yet catalogued in the CISA KEV list. Based on the description, the likely attack vector is remote: an attacker can trigger the inclusion by manipulating a publicly exposed URL or input field where the theme resolves paths. Successful exploitation would require access to the web application's file system or the ability to influence the include path."}}}}, "created": "2026-01-23T16:30:21.333295+00:00", "updated": "2026-04-27T21:45:14.527436+00:00", "vendors": ["mikado-themes", "mikado-themes$PRODUCT$powerlift", "wordpress", "wordpress$PRODUCT$wordpress"]}