Local File Inclusion Vulnerability in Truemag Theme by WordPress
CVE-2025-69178

8.1HIGH

Key Information:

Vendor: WordPress
Status: Truemag
Vendor: CVE Published:; 16 June 2026

What is CVE-2025-69178?

An unauthenticated local file inclusion vulnerability has been identified in the Truemag theme, impacting versions up to 4.3.14.2. This flaw allows attackers to access restricted files on the server, potentially exposing sensitive information and leading to further exploitation. It is crucial for administrators using affected versions to apply updates to mitigate this risk and safeguard their sites.

Affected Version(s)

Truemag <= 4.3.14.2

References

https://patchstack.com/database/wordpress/theme/truemag/v...

vdb-entry

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 16, 2026
Vulnerability Reserved
Dec 29, 2025

Credit

João Pedro S Alcântara (Kinorth) | Patchstack Bug Bounty Program

CVE-2025-69178 Data

JSON