CVE-2025-68546 | Thembay Nika Plugin up to 1.2.14 on WordPress filename control

December 23, 2025 Yanac

A vulnerability labeled as problematic has been found in Thembay Nika Plugin up to 1.2.14 on WordPress. This impacts an unknown function. The manipulation results in improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is known as CVE-2025-68546. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More