3 matches found
CVE-2025-69383
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Agence web Eoxia - Montpellier WP shop wpshop allows PHP Local File Inclusion.This issue affects WP shop: from n/a through = 2.6.1...
PT-2026-21164
Name of the Vulnerable Software and Affected Versions Agence web Eoxia - Montpellier WP shop wpshop versions through 2.6.1 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows fo...
CVE-2025-3852
CVE-2025-3852 (WPshop 2 – E-Commerce) is a privilege-escalation vulnerability affecting WPshop 2 versions 2.0.0–2.6.0. The bug arises from insufficient identity validation in the update() function, enabling authenticated users with subscriber-level access or higher to modify arbitrary users’ cred...