CVE-2025-67937

Name of the Vulnerable Software and Affected Versions Mikado-Themes Hendon versions prior to 1.7

Description The software contains an Improper Control of Filename for Include/Require Statement issue, also known as a PHP Local File Inclusion. This allows for the inclusion of local files. The vulnerability exists due to insufficient sanitization of file paths used in include or require statements.

Recommendations Update Mikado-Themes Hendon to version 1.7 or later.