CVE-2025-49070 Information

Description

Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in NasaTheme Elessi allows PHP Local File Inclusion. This issue affects Elessi: from n/a through n/a.

Reference

https://patchstack.com/database/wordpress/theme/elessi-theme/vulnerability/wordpress-elessi-6-4-1-local-file-inclusion-vulnerability?_s_id=cve

Related CNNVD

CNNVD-202507-359 (Published: 2025-07-04)