CVE-2025-58973 | HackTesting

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows PHP Local File Inclusion.This issue affects Easy Elementor Addons: from n/a through <= 2.2.8.

Credits

LVT-tholv2k | Patchstack Bug Bounty Program

References

https://patchstack.com/database/Wordpress/Plugin/easy-elementor-addons/vulnerability/wordpress-easy-elementor-addons-plugin-2-2-8-local-file-inclusion-vulnerability?_s_id=cve