CVE-2025-14359 | brandexponents Oshine Plugin up to 7.2.7 on WordPress filename control

Inserito da Angelo Barbosa | Gen 8, 2026 | CVE

A vulnerability has been found in brandexponents Oshine Plugin up to 7.2.7 on WordPress and classified as critical. This vulnerability affects unknown code. Performing a manipulation results in improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is known as CVE-2025-14359. Remote exploitation of the attack is possible. No exploit is available.

CVE-2025-14359 | brandexponents Oshine Plugin up to 7.2.7 on WordPress filename control

Post correlati

CVE-2024-50334 | Erudika scoold up to 1.63.x Setting /api authentication bypass

CVE-2023-5962 | Moxa ioLogik E1200 up to 3.3 risky encryption

CVE-2022-48618 | Apple macOS improper authentication

CVE-2025-23645 | Optimize Worldwide Find Content IDs Plugin up to 1.0 on WordPress cross site scripting