CVE-2025-64364 is a vulnerability in the StylemixThemes Masterstudy WordPress plugin, specifically in versions before 4.8.126. The flaw arises from improper control over the filename used in PHP include or require statements, which can lead to Remote File Inclusion (RFI) or Local File Inclusion (LFI). This means an attacker can manipulate input parameters to cause the application to include and execute malicious PHP code from remote or local sources. The vulnerability is exploitable over the network (AV:N), requires low privileges (PR:L), has high attack complexity (AC:H), and does not require user interaction (UI:N). The impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H), as attackers can execute arbitrary code, potentially leading to full system compromise, data theft, defacement, or denial of service. The vulnerability affects educational websites using the Masterstudy plugin, which is popular for e-learning platforms built on WordPress. Although no public exploits are currently known, the nature of the vulnerability and its CVSS score of 7.5 indicate a serious risk. The lack of available patches at the time of disclosure means organizations must apply mitigations promptly once updates are released. The vulnerability is documented and published by Patchstack and the CVE database, emphasizing the need for awareness and remediation.

European organizations using the StylemixThemes Masterstudy plugin for their e-learning or educational websites face significant risks from this vulnerability. Successful exploitation could lead to unauthorized remote code execution, allowing attackers to access sensitive student or organizational data, alter course content, or disrupt service availability. This could result in data breaches violating GDPR regulations, reputational damage, and operational downtime. Educational institutions and training providers are particularly vulnerable due to their reliance on these platforms for delivering critical services. The high integrity and availability impact could disrupt learning activities and cause financial losses. Furthermore, attackers could leverage compromised systems as footholds for lateral movement within organizational networks. The vulnerability's network accessibility and low privilege requirement increase the likelihood of exploitation in the wild once exploit code becomes available.

Organizations should immediately monitor for updates from StylemixThemes and apply the patch for Masterstudy plugin version 4.8.126 or later as soon as it is released. Until patches are available, administrators should restrict file inclusion paths by configuring PHP settings such as open_basedir to limit accessible directories. Input validation and sanitization must be enforced on all parameters that influence file inclusion to prevent injection of malicious paths. Employing Web Application Firewalls (WAFs) with rules targeting suspicious file inclusion attempts can provide temporary protection. Regularly audit plugin usage and remove or replace plugins that are no longer maintained or pose security risks. Additionally, implement strict access controls and network segmentation to limit the impact of potential compromises. Monitoring logs for unusual file inclusion or code execution patterns can help detect exploitation attempts early.