CVE-2025-58803 – This vulnerability allows attackers to include ... (How to Fix)

📋 TL;DR

This vulnerability allows attackers to include local files on the server through improper filename control in PHP's include/require statements. It affects WordPress sites using the Algenix theme version 1.0 or earlier. Attackers can potentially read sensitive files or execute arbitrary code.

💻 Affected Systems

Products:

WordPress Algenix Theme

Versions: All versions up to and including 1.0

Operating Systems: Any OS running PHP

Default Config Vulnerable: ⚠️ Yes

Notes: Requires WordPress installation with Algenix theme active. PHP configuration with allow_url_include disabled does not prevent local file inclusion.

📦 What is this software?

Algenix by Axiomthemes

View all CVEs affecting Algenix →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full server compromise through arbitrary code execution leading to data theft, ransomware deployment, or complete system takeover.

🟠

Likely Case

Sensitive file disclosure (configuration files, database credentials, user data) and limited code execution within web server context.

🟢

If Mitigated

Limited impact with proper file permissions and web server hardening, potentially only file disclosure without code execution.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Simple HTTP requests can trigger the vulnerability. Public exploit details available on security research sites.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: https://patchstack.com/database/Wordpress/Theme/algenix/vulnerability/wordpress-algenix-theme-1-0-local-file-inclusion-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Remove Algenix theme from WordPress installation
2. Replace with alternative theme
3. No official patch exists from vendor

🔧 Temporary Workarounds

Disable Algenix Theme

all

Deactivate and remove the vulnerable theme from WordPress

wp theme deactivate algenix
wp theme delete algenix

Web Application Firewall Rules

linux

Block requests containing local file inclusion patterns

ModSecurity rule: SecRule ARGS "\.\./" "id:1001,phase:2,deny,status:403"

🧯 If You Can't Patch

Implement strict file permissions (chmod 600 for sensitive files)
Deploy web application firewall with LFI detection rules

🔍 How to Verify

Check if Vulnerable:

Check WordPress theme directory for algenix folder and version.php file showing version <= 1.0

Check Version:

grep -r "Version:" wp-content/themes/algenix/style.css

Verify Fix Applied:

Confirm algenix theme is not present in wp-content/themes/ directory

📡 Detection & Monitoring

Log Indicators:

HTTP requests with ../ patterns in parameters
PHP include/require errors in web server logs
Access to sensitive files like /etc/passwd in web logs

Network Indicators:

HTTP requests with directory traversal sequences (../)
Unusual file access patterns from web paths

SIEM Query:

source="web_logs" AND (uri="*../*" OR uri="*/etc/passwd*" OR uri="*/proc/self/environ*")

📊 Metadata

CVE ID: CVE-2025-58803

CVSS v3 Score: 8.2 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CWE: CWE-98

EPSS Score: 0.06% exploit probability (19th percentile)

Published: December 18, 2025

Last Updated: January 20, 2026

🔗 References

https://patchstack.com/database/Wordpress/Theme/algenix/vulnerability/wordpress-algenix-theme-1-0-local-file-inclusion-vulnerability?_s_id=cve

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-58803, you might also want to check these: