PHP Remote File Inclusion Vulnerability in Edge-Themes Eldon Theme
CVE-2025-69057

8.1HIGH

Key Information:

Vendor: WordPress
Status: Eldon
Vendor: CVE Published:; 22 January 2026

What is CVE-2025-69057?

The Edge-Themes Eldon theme is susceptible to a PHP Remote File Inclusion vulnerability, allowing unauthorized attackers to compromise local files on the server. Specifically, due to improper handling of files in include or require statements, this flaw can lead to local file inclusion exploitation. The affected versions of the Eldon theme are up to and including 1.0, making it imperative for users to update their installations to mitigate the risk.

Affected Version(s)

Eldon 0 <= 1.0

References

https://patchstack.com/database/Wordpress/Theme/eldon/vul...

vdb-entry

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 22, 2026
Vulnerability Reserved
Dec 29, 2025

Credit

Bonds | Patchstack Bug Bounty Program

CVE-2025-69057 Data

JSON

WordPress

What is CVE-2025-69057?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit