CVE-2025-69083 | Elated-Themes Frappe Plugin up to 1.8 on WordPress filename control

Inserito da Angelo Barbosa | Gen 6, 2026 | CVE

A vulnerability, which was classified as problematic, was found in Elated-Themes Frappe Plugin up to 1.8 on WordPress. This affects an unknown function. Executing a manipulation can lead to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

The identification of this vulnerability is CVE-2025-69083. The attack may be launched remotely. There is no exploit available.

CVE-2025-69083 | Elated-Themes Frappe Plugin up to 1.8 on WordPress filename control

Post correlati

CVE-2024-34344 | Nuxt up to 3.12.3 NuxtTestComponentWrapper path cross site scripting (GHSA-v784-fjjh-f8r4)

CVE-2024-36117 | dzikoysk reposilite up to 3.5.11 path traversal

CVE-2025-23654 | Vinícius Krolow Twitter Post Plugin up to 0.1 on WordPress cross-site request forgery

CVE-2025-31954 | HCL iAutomate 6.5.1/6.5.2 get request method with sensitive query strings (KB0125011)