关键漏洞信息 漏洞概述 Title: WordPress Yokoo Theme <= 1.1.11 is vulnerable to a high priority Local File Inclusion Priority: High CVSS Score: 8.1 Type: Local File Inclusion 漏洞风险 Risks: This vulnerability is highly dangerous and expected to become exploited. Description: A malicious actor could include local files of the target website and show its output on the screen. Files which store credentials, such as database credentials, could potentially allow complete database takeover depending on the configuration. 解决方案 Recommended Action: Automatically mitigate vulnerabilities and keep your websites safe. 详细信息 Software: Yokoo Type: Theme Vulnerable versions: <= 1.1.11 Vulnerability Category: A3: Injection 时间线 Reported by: Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) Report Date: 29 Nov, 2025