CVE-2025-67934

Name of the Vulnerable Software and Affected Versions Mikado-Themes Wellspring versions prior to 2.8

Description The software contains an Improper Control of Filename for Include/Require Statement issue, also known as a PHP Local File Inclusion. This allows for the inclusion of local files. The issue affects the Wellspring theme.

Recommendations Update to Wellspring version 2.8 or later.