CVE-2025-59564 | ThemeMove EduMall Plugin up to 4.4.5 on WordPress filename control

A vulnerability labeled as critical has been found in ThemeMove EduMall Plugin up to 4.4.5 on WordPress. Impacted is an unknown function. Such manipulation leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is traded as CVE-2025-59564. The attack may be launched remotely. There is no exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More