PHP Remote File Inclusion Vulnerability in TieLabs Jannah Theme
CVE-2025-64205

Currently unrated

Key Information:

Vendor

WordPress
Status
Jannah
Vendor
CVE Published:
18 December 2025

What is CVE-2025-64205?

The Jannah theme by TieLabs is subject to a PHP Remote File Inclusion vulnerability, which allows attackers to exploit improper handling of filenames in include or require statements. This vulnerability can enable local file inclusion, potentially allowing unauthorized access to sensitive files on the server. Affected versions, especially those prior to 7.6.0, are at risk, and it is crucial for users to review their installations and apply necessary updates to ensure security.

Affected Version(s)

Jannah <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Theme/janna...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

João Pedro S Alcântara (Kinorth) | Patchstack Bug Bounty Program
JSON
.
CVE-2025-64205 : PHP Remote File Inclusion Vulnerability in TieLabs Jannah Theme