Key Information Vulnerability Name: WordPress Vizeon - Business Consulting Theme <= 1.1.7 is vulnerable to Local File Inclusion Priority: High priority CVSS Score: 8.1 Risk: This vulnerability is highly dangerous and expected to become mass exploited. Affected Versions: <= 1.1.7 Fix Status: No official fix available Vulnerability Type: Local File Inclusion Description: This could allow a malicious actor to include local files of the target website and show its output onto the screen. Files which store credentials, such as database credentials, could potentially allow complete database takeover depending on the configuration. Solution: Automatically mitigate vulnerabilities and keep your websites safe using Patchstack's virtual patch. Reporter: Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) Timeline: - Reported by: 27 Mar 2025 - Early warning sent out to Patchstack customers: 21 May 2025 - Published by Patchstack: 23 May 2025