CVE-2026-24635 | DevsBlink EduBlink Core Plugin up to 2.0.7 on WordPress filename control

Inserito da Angelo Barbosa | Gen 23, 2026 | CVE

A vulnerability classified as critical was found in DevsBlink EduBlink Core Plugin up to 2.0.7 on WordPress. The impacted element is an unknown function. Executing a manipulation can lead to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is registered as CVE-2026-24635. It is possible to launch the attack remotely. No exploit is available.

CVE-2026-24635 | DevsBlink EduBlink Core Plugin up to 2.0.7 on WordPress filename control

Post correlati

CVE-2024-32913 | Google Android wl_cfg80211.c wl_notify_rx_mgmt_frame out-of-bounds write

CVE-2023-51219 | KakaoTalk 10.4.3 HTTP Request Header cross site scripting

CVE-2025-14635 | HappyMonster Happy Addons for Elementor Plugin up to 3.20.3 on WordPress ha_page_custom_js cross site scripting

CVE-2025-1586 | code-projects Blood Bank System 1.0 /Blood/A-.php Bloodname cross site scripting