CVE-2025-58945 | axiomthemes EcoGrow Plugin up to 1.7 on WordPress filename control

A vulnerability categorized as critical has been discovered in axiomthemes EcoGrow Plugin up to 1.7 on WordPress. This affects an unknown part. Executing manipulation can lead to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is registered as CVE-2025-58945. It is possible to launch the attack remotely. No exploit is available.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

CVE-2025-58945 | axiomthemes EcoGrow Plugin up to 1.7 on WordPress filename control

Post correlati

CVE-2025-6420 | code-projects Simple Online Hotel Reservation System 1.0 /admin/add_room.php room_type sql injection

CVE-2024-32744 | WonderCMS 3.4.3 Current Page Module PAGE KEYWORDS cross site scripting

CVE-2025-8829 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 up to 20250801 /goform/RP_setBasicAuto um_red hname os command injection

CVE-2024-54307 | AIpost AIcomments Plugin up to 1.4.1 on WordPress cross-site request forgery