CVE-2025-39458 – Mikado-Themes Foton PHP Remote File Inclusion Vulnerability

May 19, 2025

CVE ID : CVE-2025-39458

Published : May 19, 2025, 7:15 p.m. | 22 minutes ago

Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in Mikado-Themes Foton allows PHP Local File Inclusion.This issue affects Foton: from n/a through 2.5.2.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47577 – TemplateInvaders TI WooCommerce Wishlist Unrestricted File Upload Remote Code Execution

Next Article CVE-2025-39410 – Themegusta Smart Sections Theme Builder – WPBakery Page Builder Addon Deserialization of Untrusted Data Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

GPT-5 should have a higher “degree of scientific certainty” than the current ChatGPT — but with less model switching

Elon Musk’s Grok 3 AI coming to Azure proves Satya Nadella’s allegiance isn’t to OpenAI, but to maximizing Microsoft’s profit gains by heeding consumer demands

One of the most promising open-world RPGs in years is releasing next week on Xbox and PC

NVIDIA’s latest driver fixes some big issues with DOOM: The Dark Ages

Community News: Latest PECL Releases (05.20.2025)

Community News: Latest PECL Releases (05.20.2025)

Getting Started with Personalization in Sitecore XM Cloud: Enable, Extend, and Execute

Universal Design and Global Accessibility Awareness Day (GAAD)

GPT-5 should have a higher “degree of scientific certainty” than the current ChatGPT — but with less model switching

GPT-5 should have a higher “degree of scientific certainty” than the current ChatGPT — but with less model switching

Elon Musk’s Grok 3 AI coming to Azure proves Satya Nadella’s allegiance isn’t to OpenAI, but to maximizing Microsoft’s profit gains by heeding consumer demands

One of the most promising open-world RPGs in years is releasing next week on Xbox and PC

CVE-2025-39458 – Mikado-Themes Foton PHP Remote File Inclusion Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-4996 – Intelbras RF 301K Cross-Site Scripting Vulnerability

Researchers Observe Surge in Use of Mekotio Banking Trojan Against Latin American Financial Systems

Moroccan Cybercrime Group Steals Up to $100K Daily Through Gift Card Fraud

Sam Altman says OpenAI is no longer “compute-constrained” — after Microsoft lost its exclusive cloud provider status

How To Use Chrome’s Developer Tools

CISA unveils new recommendations for developing secure software

Mixture-of-Denoising Experts (MoDE): A Novel Generalist MoE-based Diffusion Policy

Microsoft won’t really let you block new Outlook on Windows 10 (auto-install)

CVE-2025-1863 – Yokogawa Electric Corporation Paperless Recorders Authentication Bypass

CVE-2025-39458 – Mikado-Themes Foton PHP Remote File Inclusion Vulnerability

Related Posts