Description
The Soledad theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.6.7 via the 'header_layout' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.
Published: 2025-08-16
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Local File Inclusion leading to arbitrary PHP code execution
Action: Apply Patch
AI Analysis

Impact

The Soledad WordPress theme is vulnerable to a Local File Inclusion flaw through the 'header_layout' parameter. This issue allows authenticated users with Contributor-level access or higher to include arbitrary .php files present on the server, leading to the execution of any PHP code contained in those files. The vulnerability can be leveraged to bypass existing access controls, obtain sensitive data, or fully compromise the site if .php files can be uploaded and subsequently included. The weakness falls under CWE-98, Local File Inclusion.

Affected Systems

All installations of the Soledad theme from pencidesign, versions 8.6.7 and earlier, are affected. Users running these legacy versions of the theme on WordPress should review their current version and apply any available updates.

Risk and Exploitability

With a CVSS score of 8.8, the severity is High, but the EPSS score is less than 1%, indicating a low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Attackers must first authenticate with Contributor-level privileges to exploit the flaw, after which they can craft a request in which the 'header_layout' parameter points to a locally stored .php file. If such a file can be uploaded by the user, the attacker can execute arbitrary code, potentially leading to full site compromise.
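The root cause described above is a user-supplied layout name flowing into an include path. The following is an added illustration written for this page, not Soledad's own code: a hypothetical theme handler showing the CWE-98 pattern next to a hardened version that maps 'header_layout' onto a fixed allow-list before any template is loaded (the layout names and function names are assumptions).

```php
<?php
// Added illustration, not code from the Soledad theme. Assumes a hypothetical
// theme handler that picks a header template from a 'header_layout' value.

// Vulnerable pattern (CWE-98): the raw parameter becomes part of the include
// path, so any .php file reachable on the server can be pulled in.
function render_header_vulnerable( array $request ) {
    $layout = $request['header_layout'] ?? 'default';
    include get_template_directory() . '/headers/' . $layout . '.php';
}

// Hardened pattern: the parameter is only ever used as a key into a fixed
// allow-list. Unknown values fall back to the default layout, so the
// user-controlled string never reaches the filesystem path.
const HEADER_LAYOUTS = array( 'default', 'centered', 'minimal' ); // assumed names

function resolve_header_layout( ?string $layout ): string {
    // Strict comparison: no type juggling, no partial or traversal strings.
    return in_array( $layout, HEADER_LAYOUTS, true ) ? $layout : 'default';
}

function render_header_hardened( array $request ) {
    $layout = resolve_header_layout( $request['header_layout'] ?? null );
    // With the allow-list applied, the name handed to get_template_part()
    // is always one of the known templates under headers/.
    get_template_part( 'headers/header', $layout );
}
```

Where a layout is stored as a post or theme setting, apply resolve_header_layout() both when the value is saved and when it is read, so a value written by a Contributor before the patch cannot later be included by the rendering path.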

Generated by OpenCVE AI on April 21, 2026 at 03:28 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Soledad theme to a version newer than 8.6.7
  • Restrict file upload capabilities for Contributor-level users so they cannot upload PHP files
  • Configure the web server or apply a WAF rule to block local file inclusion attempts through the 'header_layout' parameter


Advisories
Source: EUVD
ID: EUVD-2025-28792
Title: The Soledad theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.6.7 via the 'header_layout' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.
History

Mon, 18 Aug 2025 21:00:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Pencidesign; Pencidesign soledad; Wordpress; Wordpress wordpress

Type: Vendors & Products
Values Removed: (none)
Values Added: Pencidesign; Pencidesign soledad; Wordpress; Wordpress wordpress

Mon, 18 Aug 2025 19:15:00 +0000

Type: Metrics (ssvc)
Values Removed: (none)
Values Added: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Sat, 16 Aug 2025 11:30:00 +0000

Type: Description
Values Added: The Soledad theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.6.7 via the 'header_layout' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.

Type: Title
Values Added: Soledad <= 8.6.7 - Authenticated (Contributor+) Local File Inclusion via 'header_layout'

Type: Weaknesses
Values Added: CWE-98

Type: References
Values Added: (none listed)

Type: Metrics (cvssV3_1)
Values Added: {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:02:59.114Z

Reserved: 2025-07-24T16:57:03.610Z

Link: CVE-2025-8142

Vulnrichment

Updated: 2025-08-18T18:07:12.958Z

NVD

Status: Deferred

Published: 2025-08-16T12:15:31.740

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-8142

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-21T03:30:26Z

Weaknesses