3 matches found
CVE-2025-2636
creationtimestamp| type| source ---|---|--- 2025-04-11 04:49:37+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11385 2025-04-11 05:43:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmjcrdhepi2a 2025-04-11 07:48:41+00:00| seen|...
CVE-2025-2636 InstaWP Connect <= 0.1.0.85 - Unauthenticated Local PHP File Inclusion
The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.1.0.85 via the 'instawp-database-manager' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files ...
WordPress InstaWP Connect plugin <= 0.1.0.85 - Unauthenticated Local PHP File Inclusion vulnerability
Unauthenticated Local PHP File Inclusion vulnerability discovered by Cheng Liu in WordPress Plugin InstaWP Connect versions = 0.1.0.85...