Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.1
Molla Theme Allows Access to Sensitive Files on Your Server
CVE-2025-69339
Summary
A security issue in the Molla theme allows attackers to access files on your website that they shouldn't be able to. This can happen if you're using Molla version 1.5.16 or earlier. Update to the latest version to fix the issue.
Original title
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in don-themes Molla molla allows PHP Local File Inclusion.This issue affects Mo...
Original description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in don-themes Molla molla allows PHP Local File Inclusion.This issue affects Molla: from n/a through <= 1.5.16.
Vulnerability type
CWE-98
Improper Control of Filename for Include
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026