2 matches found
CVE-2025-53567
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in nK Ghost Kit ghostkit allows PHP Local File Inclusion.This issue affects Ghost Kit: from n/a through = 3.4.1...
CVE-2025-53567
CVE-2025-53567 describes an unauthenticated Local File Inclusion in WordPress Ghost Kit (PHP) due to improper filename handling in Include/Require statements, affecting Ghost Kit versions up to 3.4.1. Reported CVSS v3.1 base score 8.1 (HIGH) with NETWORK attack vector, HIGH impact on confidential...