VYPR

Edumall

by WordPress

CVEs (1)

  • CVE-2025-2101HigApr 26, 2025
    risk 0.53cvss 8.1epss 0.01

    The Edumall theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.4 via the 'template' parameter of the 'edumall_lazy_load_template' AJAX action. This makes it possible for unauthenticated attackers to include and execute arbitrary…