CVE-2025-12497 | Premium Portfolio Features for Phlox Theme Plugin up to 2.3.10 on WordPress Premium Portfolio Feature args[extra_template_path] file inclusion

A vulnerability was found in Premium Portfolio Features for Phlox Theme Plugin up to 2.3.10 on WordPress and classified as critical. Affected by this issue is some unknown functionality of the component Premium Portfolio Feature. Such manipulation of the argument args[extra_template_path] leads to file inclusion.

This vulnerability is traded as CVE-2025-12497. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More