CVE-2025-64216 | ThemeSphere SmartMag Plugin up to 10.3.0 on WordPress filename control

A vulnerability was found in ThemeSphere SmartMag Plugin up to 10.3.0 on WordPress. It has been classified as critical. Affected by this vulnerability is an unknown functionality. Performing manipulation results in improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability was named CVE-2025-64216. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More