Platform
wordpress
Component
case-theme-user
Fixed in
1.0.5
CVE-2025-5804 describes a PHP Local File Inclusion (LFI) vulnerability present in the Case Themes Case Theme User component. This flaw allows an attacker to manipulate file inclusion paths, potentially leading to the execution of arbitrary code on the server. The vulnerability impacts versions of Case Theme User from 0.0.0 through 1.0.4. A patch addressing this issue is available in version 1.0.4.
The primary impact of this LFI vulnerability is the potential for remote code execution (RCE). By crafting malicious file inclusion requests, an attacker can include sensitive system files, configuration files, or even PHP scripts. Successful exploitation could allow an attacker to read sensitive data, modify application behavior, or gain complete control over the affected server. The attacker could potentially escalate privileges and move laterally within the network if the server has access to other resources. This vulnerability shares similarities with other LFI exploits where attackers leverage the ability to include arbitrary files to compromise the system.
CVE-2025-5804 was published on 2026-04-10. The vulnerability's severity is rated as HIGH with a CVSS score of 7.5. Currently, there are no publicly known Proof-of-Concept (POC) exploits. The EPSS score is pending evaluation. There are no indications of active exploitation campaigns targeting this vulnerability at this time. Refer to the NVD (National Vulnerability Database) for updates and further information.
Exploit Status
EPSS
0.07% (22% percentile)
CISA SSVC
CVSS Vector
The recommended mitigation for CVE-2025-5804 is to immediately upgrade Case Theme User to version 1.0.4 or later. If upgrading is not immediately feasible, consider implementing temporary workarounds. These may include restricting file access permissions, implementing input validation to sanitize file paths, and configuring a Web Application Firewall (WAF) to block suspicious file inclusion attempts. Specifically, WAF rules should be configured to detect and block requests containing potentially malicious file paths. Monitor system logs for unusual file access patterns that might indicate exploitation attempts. After upgrading, confirm the fix by attempting a file inclusion request with a known malicious path; the request should be blocked or result in an error.
Actualice el plugin Case Theme User a una versión corregida (superior a 1.0.4) para mitigar la vulnerabilidad de inclusión de archivos locales. Verifique la fuente del plugin en wordpress.org para obtener la última versión. Considere implementar medidas de seguridad adicionales, como restringir el acceso a archivos sensibles.
Vulnerability analysis and critical alerts directly to your inbox.
It's a PHP Local File Inclusion (LFI) vulnerability in Case Themes Case Theme User, allowing attackers to include arbitrary files.
If you are using Case Theme User versions 0.0.0 through 1.0.4, you are potentially affected by this vulnerability.
Upgrade Case Theme User to version 1.0.4 or later to resolve the vulnerability. Implement temporary workarounds if immediate upgrade is not possible.
Currently, there are no publicly known exploits or active exploitation campaigns targeting this vulnerability.
Refer to the National Vulnerability Database (NVD) entry for CVE-2025-5804 for detailed information and updates.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.