CVE-2025-58933

8.1 HIGH

📋 TL;DR

This vulnerability allows attackers to include local PHP files through improper filename control in the Anubis WordPress theme. Attackers can potentially read sensitive files or execute arbitrary code on affected WordPress installations. All WordPress sites using vulnerable versions of the Anubis theme are affected.

💻 Affected Systems

Products:
  • axiomthemes Anubis WordPress Theme
Versions: All versions through 1.25
Operating Systems: Any OS running PHP and WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress with the Anubis theme installed and activated.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Full server compromise through arbitrary code execution leading to data theft, ransomware deployment, or complete site takeover.

🟠 Likely Case: Sensitive file disclosure (configuration files, database credentials) leading to further attacks or data exfiltration.

🟢 If Mitigated: Limited impact with proper file permissions and web server restrictions preventing file inclusion.

🌐 Internet-Facing: HIGH - WordPress themes are typically internet-facing and this vulnerability requires no authentication.
🏢 Internal Only: MEDIUM - Internal WordPress sites could still be exploited by internal threat actors.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple HTTP requests can trigger the vulnerability. Public exploit details are available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version after 1.25

Vendor Advisory: https://patchstack.com/database/Wordpress/Theme/anubis/vulnerability/wordpress-anubis-theme-1-25-local-file-inclusion-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Update the Anubis theme to the latest version via the WordPress admin panel.
2. Alternatively, download the latest version from the theme repository and replace the existing theme files.

🔧 Temporary Workarounds

Disable vulnerable theme (platform: all)

Switch to a different WordPress theme until patched. Activating another theme is what deactivates Anubis; WP-CLI has no `theme deactivate` subcommand, so the second command below removes the theme files instead.

# Activating another theme deactivates Anubis
wp theme activate twentytwentyfour
# Optional: remove the theme files entirely so they cannot be requested directly
wp theme delete anubis

Restrict direct access to theme PHP files (platform: all)

Add web server rules that refuse direct requests to PHP files under the Anubis theme directory (assuming the default wp-content layout). The rules are scoped to that directory on purpose: a site-wide rule denying every .php file would also block index.php and wp-admin and take the whole site down. They only help where the vulnerable file is reached by a direct request; they do not stop an inclusion triggered from inside WordPress itself, so treat them as a stopgap until the theme is updated.

# Apache: add to wp-content/themes/anubis/.htaccess (not the site root)
<FilesMatch "\.(php|inc)$">
  <IfModule mod_authz_core.c>
    Require all denied
  </IfModule>
  <IfModule !mod_authz_core.c>
    Order Deny,Allow
    Deny from all
  </IfModule>
</FilesMatch>
# Nginx: add to the server block, before the generic PHP location
location ~ ^/wp-content/themes/anubis/.*\.(php|inc)$ {
  deny all;
}

🧯 If You Can't Patch

  • Remove the Anubis theme completely from the WordPress installation
  • Implement web application firewall (WAF) rules to block file inclusion patterns

🔍 How to Verify

Check if Vulnerable:

Check the WordPress theme version in Appearance > Themes or run: wp theme list --fields=name,version | grep anubis

Check Version:

wp theme list --fields=name,version | grep anubis

Verify Fix Applied:

Confirm the theme version is greater than 1.25 and that file inclusion attempts now return errors instead of file contents.

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests with file inclusion parameters like ?file=../../etc/passwd
  • PHP warnings about failed file inclusions
  • Unusual file access patterns in web server logs

Network Indicators:

  • HTTP requests containing path traversal sequences (../)
  • Requests to theme files with unusual parameters

SIEM Query:

web_access_logs WHERE url CONTAINS 'anubis' AND (url CONTAINS '../' OR url CONTAINS 'file=' OR url CONTAINS 'include=')
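The SIEM query above matches on raw URL substrings, so a request whose traversal sequence is URL-encoded (or double-encoded) slips past it. The following script is an added example, not part of the advisory: it parses combined-format access-log lines, decodes the URL repeatedly, and applies the same indicators (requests to the Anubis theme path carrying `../` or the `file=`/`include=` parameters). The theme path `/wp-content/themes/anubis/`, the file name `helper.php` and the log lines are constructed for illustration; the advisory does not name the vulnerable file.

```python
"""Flag access-log lines matching the CVE-2025-58933 log indicators.

Added example for the Detection & Monitoring section; not part of the
advisory. Assumes Apache/Nginx "combined" log format and the default theme
path /wp-content/themes/anubis/ (an assumption). Sample lines are constructed.
"""
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Combined log format: ip - user [time] "METHOD url HTTP/x" status bytes "ref" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>\S+) (?P<url>\S+) \S+" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Parameter names the advisory's log indicators and SIEM query call out.
INCLUSION_PARAMS = {"file", "include"}
TRAVERSAL_RE = re.compile(r"\.\./|\.\.\\")  # ../ or ..\ after decoding


def decode_fully(value: str, rounds: int = 3) -> str:
    """URL-decode repeatedly so double-encoded traversal (..%252F) is not missed."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify(url: str) -> list[str]:
    """Return the indicator names that match a request URL (empty list = clean)."""
    decoded = decode_fully(url)
    parts = urlsplit(decoded)
    reasons: list[str] = []
    if "anubis" not in parts.path.lower():
        return reasons  # only requests to the theme are in scope for this rule
    if TRAVERSAL_RE.search(decoded):
        reasons.append("traversal")
    params = parse_qs(parts.query, keep_blank_values=True)
    hit = INCLUSION_PARAMS & {k.lower() for k in params}
    if hit:
        reasons.append("param:" + ",".join(sorted(hit)))
    return reasons


def scan_log(lines) -> list[dict]:
    """Parse combined-format lines and return the flagged requests, in log order."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not combined format; skip rather than guess
        reasons = classify(m["url"])
        if reasons:
            findings.append({"ip": m["ip"], "time": m["time"], "url": m["url"],
                             "status": int(m["status"]), "reasons": reasons})
    return findings


# Constructed sample traffic (helper.php is a placeholder file name).
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Mar/2025:10:00:01 +0000] "GET /wp-content/themes/anubis/style.css HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Mar/2025:10:00:02 +0000] "GET /wp-content/themes/anubis/helper.php?file=../../../../etc/passwd HTTP/1.1" 200 1304 "-" "curl/8.0"',
    '203.0.113.9 - - [10/Mar/2025:10:00:03 +0000] "GET /wp-content/themes/anubis/helper.php?include=..%252F..%252Fetc%252Fpasswd HTTP/1.1" 500 0 "-" "curl/8.0"',
    '198.51.100.2 - - [10/Mar/2025:10:00:04 +0000] "GET /wp-content/plugins/other/file=report.pdf HTTP/1.1" 200 99 "-" "Mozilla/5.0"',
    '198.51.100.3 - - [10/Mar/2025:10:00:05 +0000] "GET /wp-content/themes/anubis/page.php?include=header HTTP/1.1" 200 99 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['time']} {f['ip']} {f['status']} {f['reasons']} {f['url']}")
```

Three of the five sample lines are flagged. The second and third carry traversal sequences (the third only after two rounds of decoding, which the substring query would miss); the fifth is flagged solely on the `include=` parameter, which mirrors the advisory's query and will also catch legitimate theme requests, so review those hits rather than alerting on them blindly. A 200 status on a flagged request deserves more attention than a 403 or 500, since the latter suggests the request was refused or failed.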
