PT-2025-33930 · WordPress · Seopress For Mainwp

Name of the Vulnerable Software and Affected Versions: SEOPress for MainWP versions through 1.4 Description: This issue involves improper control of filename handling for include/require statements in the PHP program, leading to a PHP Local File Inclusion. Recommendations: Update SEOPress for...

PT-2025-33931 · Roxnor · Roxnor Fundengine

Name of the Vulnerable Software and Affected Versions: Roxnor FundEngine versions through 1.7.4 Description: The software contains an Improper Control of Filename for Include/Require Statement, also known as a PHP Remote File Inclusion issue. This allows for PHP Local File Inclusion...

WordPress plugin ZoloBlocks 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin WP Travel Gutenberg Blocks 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-33974 · WordPress · Zoloblocks

Name of the Vulnerable Software and Affected Versions: bdthemes ZoloBlocks versions through 2.3.2 Description: An improper control of filename for include/require statement exists in bdthemes ZoloBlocks, allowing for PHP Local File Inclusion. This issue is related to a PHP Remote File Inclusion...

PT-2025-33987 · Unknown · Nk Ghost Kit

Name of the Vulnerable Software and Affected Versions: nK Ghost Kit versions through 3.4.1 Description: This issue involves improper control of filename handling for Include/Require statements in PHP programs, specifically a PHP Remote File Inclusion vulnerability that allows for PHP Local File...

WordPress plugin Cena Store 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2022-31692

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types...

Linux Distros Unpatched Vulnerability : CVE-2023-49084

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database TSDB. While using the detected SQL Injection and...

CVE-2025-25172

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in beeteam368 VidMov vidmov allows PHP Local File Inclusion.This issue affects VidMov: from n/a through = 1.9.4...

CVE-2025-54689

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Urna urna allows PHP Local File Inclusion.This issue affects Urna: from n/a through = 2.5.7...

CVE-2025-49036

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in octagonwebstudio Premium Addons for KingComposer premium-addons-for-kingcomposer allows PHP Local File Inclusion.This issue affects Premium Addons for KingComposer: from n/a...

CVE-2025-49264

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Cloud Infrastructure Services Cloud SAML SSO - Single Sign On Login cloud-sso-single-sign-on allows PHP Local File Inclusion.This issue affects Cloud SAML SSO - Single Sign On...

CVE-2025-54690

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themeStek Xinterio xinterio allows PHP Local File Inclusion.This issue affects Xinterio: from n/a through = 4.2...

CVE-2025-48293

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Dylan Kuhn Geo Mashup geo-mashup allows PHP Local File Inclusion.This issue affects Geo Mashup: from n/a through = 1.13.16...

CVE-2025-28979

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThimPress WP Pipes allows PHP Local File Inclusion. This issue affects WP Pipes: from n/a through 1.4.3...

PT-2025-33460 · WordPress · Bizcalendar Web

Name of the Vulnerable Software and Affected Versions: BizCalendar Web plugin for WordPress versions prior to 1.1.0.51 Description: The BizCalendar Web plugin for WordPress is vulnerable to Local File Inclusion via the bizcalv shortcode. Authenticated attackers with Contributor-level access and...

Linux Distros Unpatched Vulnerability : CVE-2025-49763

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ESI plugin does not have the limit for maximum inclusion depth, and that allows excessive memory consumption if malicious instructions are inserted. Users can u...

Malicious code in npm-include (npm)

The package npm-include was found to contain malicious code...

Malicious code in rca-include (npm)

The package rca-include was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...