CVE-2025-62054 | favethemes Houzez Theme up to 4.1.8 on WordPress filename control

A vulnerability was found in favethemes Houzez Theme up to 4.1.8 on WordPress and classified as critical. Affected is an unknown function. The manipulation results in improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is reported as CVE-2025-62054. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More