CVE-2026-25457 in Mixtape Plugininfo

Summary

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Mixtape mixtape allows PHP Local File Inclusion.This issue affects Mixtape: from n/a through <= 2.1.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsible

Patchstack

Reservation

02/02/2026

Disclosure

03/25/2026

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
353316	Select-Themes Mixtape Plugin filename control	98	Not defined	Not defined	CVE-2026-25457

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!