CVE-2025-4857 | Newsletters Plugin up to 4.9.9.9 on WordPress File file inclusion

Inserito da Angelo Barbosa | Mag 31, 2025 | CVE

A vulnerability, which was classified as problematic, was found in Newsletters Plugin up to 4.9.9.9 on WordPress. This affects an unknown part. The manipulation of the argument File leads to file inclusion.

This vulnerability is uniquely identified as CVE-2025-4857. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-4857 | Newsletters Plugin up to 4.9.9.9 on WordPress File file inclusion

Post correlati

CVE-2024-21920 | Rockwell Automation Arena Simulation up to 16.20.02 out-of-bounds

CVE-2024-53382 | PrismJS Prism up to 1.29.0 HTML Element document.currentScript code injection

CVE-2025-24963 | vitest-dev vitest up to 2.1.8/3.0.3 __screenshot-error path traversal (GHSA-8gvc-j273-4wm5)

CVE-2023-47033 | MultiSigWallet 0xF0C99 executeTransaction Privilege Escalation