CVE-2025-69072 in Prider Plugin
Summary
by MITRE • 01/22/2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Prider prider allows PHP Local File Inclusion. This issue affects Prider: from n/a through <= 1.1.3.1.
Analysis
by VulDB Data Team • 01/28/2026
CVE-2025-69072 is a critical PHP Remote File Inclusion flaw in the AncoraThemes Prider plugin, affecting versions through 1.1.3.1. It stems from improper handling of filename parameters in include or require statements: attacker-controlled input reaches PHP's include or require functions directly, so crafted file paths can lead to arbitrary code execution on the affected system. The weakness is classified as CWE-98 (Improper Control of Filename for Include/Require Statement in PHP Program) in the Common Weakness Enumeration catalog, the entry that covers remote file inclusion attacks.
The vulnerability arises because the Prider plugin does not properly validate or sanitize user-supplied input before using it in dynamic include statements. An attacker can supply malicious file paths through parameters processed by the plugin's code and have local or remote files included. Depending on server configuration this enables local file inclusion, remote code execution and potentially privilege escalation. Because the inclusion happens without access controls or input validation, the flaw is particularly dangerous in web applications that process user input.
The consequences extend beyond code execution: an attacker can gain unauthorized access to sensitive system resources, steal data or compromise entire server infrastructures. Because the file inclusion is reachable from external networks, no local access to the system is required, and exploitation can lead to complete system compromise, data breaches and lateral movement within the network. The risk is heightened because the affected plugin belongs to a widely used WordPress theme, which enlarges the attack surface and the likely frequency of attempts.
Mitigation of CVE-2025-69072 should begin with updating the plugin to a version that addresses the vulnerability, which is the most effective defence against exploitation. Strict input validation and sanitization should ensure that every user-supplied parameter is validated before it reaches an include or require statement. Web application firewalls and strict access controls add further layers of defence, and monitoring systems should be configured to detect unusual file inclusion patterns. Security teams should also assess their WordPress installations thoroughly, keeping all plugins and themes updated and maintaining proper security configuration. The ATT&CK framework maps this vulnerability to T1190 - Exploit Public-Facing Application, underlining the need for comprehensive application security measures and regular vulnerability scanning to prevent exploitation attempts.
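As an added example (not the plugin's code), the unchecked include pattern the analysis describes beside a hardened form that validates the parameter before it reaches include(); the `template` parameter name, the allowlist and the templates directory are assumptions for the illustration:

```php
<?php
// Added illustration, not Prider's own code: the CWE-98 pattern the analysis
// describes beside a hardened replacement. The "template" parameter name and
// the templates directory are assumptions for this example.

// Weak form: a request parameter reaches include() unchecked, so the caller
// rather than the plugin decides which file is loaded.
function render_template_unsafe(string $template): void
{
    include __DIR__ . '/templates/' . $template . '.php';
}

// Hardened form: accept only a fixed allowlist of template names, then confirm
// the resolved path still lies inside the templates directory.
function resolve_template(string $requested, string $baseDir): ?string
{
    static $allowed = ['header', 'footer', 'single', 'archive'];

    if (!in_array($requested, $allowed, true)) {
        return null;
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . '/' . $requested . '.php');
    if ($base === false || $path === false) {
        return null; // missing file, or a stream wrapper realpath() cannot resolve
    }
    // Reject anything that resolved outside the base directory (symlinks included).
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

function render_template_safe(string $requested): void
{
    $path = resolve_template($requested, __DIR__ . '/templates');
    if ($path === null) {
        http_response_code(400);
        return;
    }
    include $path;
}

// At the request boundary the raw value is never handed to include() directly.
$requested = isset($_GET['template']) ? (string) $_GET['template'] : 'single';
render_template_safe($requested);
```

Keep `allow_url_include` disabled in php.ini (its default) so that an include statement cannot load a remote URL even where validation is missing.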