CVE-2025-4857 | Newsletters Plugin up to 4.9.9.9 on WordPress File file inclusion

Inserito da Angelo Barbosa | Mag 31, 2025 | CVE

A vulnerability, which was classified as problematic, was found in Newsletters Plugin up to 4.9.9.9 on WordPress. This affects an unknown part. The manipulation of the argument File leads to file inclusion.

This vulnerability is uniquely identified as CVE-2025-4857. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-4857 | Newsletters Plugin up to 4.9.9.9 on WordPress File file inclusion

Post correlati

CVE-2023-52044 | Studio-42 elFinder 2.1.62 php8 File unrestricted upload (Issue 3615)

CVE-2025-27515 | Laravel Framework up to 11.44.0/12.1.0 wildcards or matching symbols (GHSA-78fx-h6xr-vch4)

CVE-2024-44383 | WAYOS FBM-291W 19.09.11 msp_info_htm Privilege Escalation

CVE-2024-0400 | Hitachi Energy MACH SCM up to 4.38 LINQ Query code injection