CVE-2025-58967 | ThemeMove Businext Plugin up to 2.4.4 on WordPress filename control

A vulnerability classified as critical has been found in ThemeMove Businext Plugin up to 2.4.4 on WordPress. Impacted is an unknown function. Performing manipulation results in improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability was named CVE-2025-58967. The attack may be initiated remotely. There is no available exploit.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More