CVE-2025-39461

CVE-2025-39461 affects WordPress Docket Cache plugin (versions up to 24.07.02) and is a Local File Inclusion due to improper filename handling in PHP include/require. The vulnerability allows abuse of PHP file inclusion and has a CVSS v3.1 base score of 7.5 (High). Public details in connected sou...

CVE-2025-39461 WordPress Docket Cache plugin <= 24.07.02 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Nawawi Jamili Docket Cache docket-cache allows PHP Local File Inclusion.This issue affects Docket Cache: from n/a through = 24.07.02...

CVE-2025-39461 WordPress Docket Cache plugin <= 24.07.02 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Nawawi Jamili Docket Cache docket-cache allows PHP Local File Inclusion.This issue affects Docket Cache: from n/a through = 24.07.02...

WordPress plugin Docket Cache 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-17017

Name of the Vulnerable Software and Affected Versions Docket Cache versions through 24.07.02 Description The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This vulnerability allows PHP Loc...

Docket Cache < 21.08.02 - Reflected Cross-Site Scripting

The plugin does not escape some filter parameters when the OPCache Viewer is enabled before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues https://example.com/wp-admin/admin.php?page=docket-cache-opcviewer&idx=opcviewer&s=a&sf="alert/XSS-sf/&sm="alert/XSS-sm/...

Docket Cache < 21.08.02 - Reflected Cross-Site Scripting

The plugin does not escape some filter parameters when the OPCache Viewer is enabled before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues PoC https://example.com/wp-admin/admin.php?page=docket-cache-opcviewer=opcviewer=a="="...

WordPress Docket Cache plugin <= 21.08.01 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by WPScanTeam in WordPress Docket Cache plugin versions = 21.08.01. Solution Update the WordPress Docket Cache plugin to the latest available version at least 21.08.02...