CVE-2025-4524 Madara – Responsive and modern WordPress theme for manga sites <= 2.2.2 - Unauthenticated Local File Inclusion

May 21, 2025 invoker category_cve

CVE Details

Basic Information

Title CVE-2025-4524 Madara – Responsive and modern WordPress theme for manga sites <= 2.2.2 - Unauthenticated Local File Inclusion
Type cve
Published 2025-05-21T06:39:46
Last Seen 2025-05-21T07:09:04

CVSS Information

Base Score 9.8 (CRITICAL)
Attack Vector NETWORK
Attack Complexity LOW
Privileges Required NONE
User Interaction NONE
Scope UNCHANGED
Confidentiality Impact HIGH
Integrity Impact HIGH
Availability Impact HIGH

AI Analysis

AI Description The Madara WordPress theme for manga sites is vulnerable to Local File Inclusion in versions up to 2.2.2 via the ‘template’ parameter. This allows unauthenticated attackers to include and execute arbitrary files on the server, potentially leading to remote code execution.
AI Severity Critical
Vendor Madara
Product Madara – Responsive and modern WordPress theme for manga sites
Affected Version <= 2.2.2

Additional Information

CVE List CVE-2025-4524
CWE List CWE-22
Bulletin Family cve

Description

The Madara – Responsive and modern WordPress theme for manga sites theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.2 via the 'template' parameter. This…

CVSS Score Summary

Base Score: %!f(string=#) (CRITICAL)

View Full CVE Details

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.