CVE-2025-14431 | THEMELOGI Navian Plugin up to 1.5.4 on WordPress filename control

Inserito da Angelo Barbosa | Gen 8, 2026 | CVE

A vulnerability was found in THEMELOGI Navian Plugin up to 1.5.4 on WordPress and classified as critical. This issue affects some unknown processing. Executing a manipulation can lead to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is handled as CVE-2025-14431. The attack can be executed remotely. There is not any exploit available.

CVE-2025-14431 | THEMELOGI Navian Plugin up to 1.5.4 on WordPress filename control

Post correlati

CVE-2024-57771 | JFinalOA 1.0.2 common/getEditPage?view cross site scripting

CVE-2025-1906 | PHPGurukul Restaurant Table Booking System 1.0 /admin/profile.php mobilenumber sql injection

CVE-2023-6343 | Tyler Technologies Court Case Management Plus 2023-11-01 tiffserver/tssp.aspx FN/PN improper authentication

CVE-2024-44043 | 10Web Photo Gallery Plugin up to 1.8.27 on WordPress cross site scripting