5 matches found
CVE-2025-28888
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BZOTheme GiftXtore bw-giftxtore allows PHP Local File Inclusion.This issue affects GiftXtore: from n/a through 1.7.7...
CVE-2025-28888
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BZOTheme GiftXtore bw-giftxtore allows PHP Local File Inclusion.This issue affects GiftXtore: from n/a through 1.7.7...
CVE-2025-28888
CVE-2025-28888 is a Local File Inclusion vulnerability in the WordPress GiftXtore (BZOTheme GiftXtore) theme, arising from improper control of filenames for include/require statements. Affected versions are GiftXtore up to 1.7.4 (per NVD/Red Hat/CVE listings); exploitation could enable local file...
CVE-2025-28888 WordPress GiftXtore theme < 1.7.7 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BZOTheme GiftXtore bw-giftxtore allows PHP Local File Inclusion.This issue affects GiftXtore: from n/a through 1.7.7...
WordPress GiftXtore Theme <= 1.7.4 is vulnerable to Local File Inclusion
Software GiftXtore Type Theme Vulnerable versions = 1.7.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-28888 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 1128d46c2de9 Credits Phat RiO - BlueRock Required privilege...