Exploit for PHP Remote File Inclusion in Wpplugins Hide_My_Wp_Ghost

CVE-2025-26909 Vulnerability Scanner A Python-based scanner a...

CVE-2025-26909

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows PHP Local File Inclusion.This issue affects Hide My WP Ghost: from n/a through = 5.4.01...

CVE-2025-26909

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in John Darrel Hide My WP Ghost allows PHP Local File Inclusion.This issue affects Hide My WP Ghost: from n/a through 5.4.01...

CVE-2025-26909

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows PHP Local File Inclusion.This issue affects Hide My WP Ghost: from n/a through = 5.4.01...

CVE-2025-26909

CVE-2025-26909 affects the WordPress plugin Hide My WP Ghost (versions n/a through 5.4.01). The root cause is improper filename handling in include/require logic via showFile(), enabling Local File Inclusion with potential Remote Code Execution. The connected sources consistently identify this as...

CVE-2025-26909

creationtimestamp| type| source ---|---|--- 2025-03-20 15:09:11+00:00| seen| https://bsky.app/profile/defendopsdiaries.bsky.social/post/3lksy4lhxbi2y 2025-03-20 18:08:42+00:00| seen| https://bsky.app/profile/hackingne.ws/post/3lktc5muitq2q 2025-03-21 16:12:19+00:00| seen|...