CVE-2025-64360 | StylemixThemes Consulting Elementor Widgets Plugin up to 1.4.2 on WordPress filename control

October 31, 2025 Yanac

A vulnerability labeled as critical has been found in StylemixThemes Consulting Elementor Widgets Plugin up to 1.4.2 on WordPress. The impacted element is an unknown function. Such manipulation leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is listed as CVE-2025-64360. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More