CVE-2025-32499

MEDIUM Year: 2025
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-98
View all →

Vulnerability Description

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpWax Logo Showcase Ultimate allows PHP Local File Inclusion. This issue affects Logo Showcase Ultimate: from n/a through 1.4.4.

Related Vulnerabilities

CVE-2024-4359

MEDIUM
CVSS:6.5(Medium)

The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and includ...

CWE-982024

CVE-2024-45077

MEDIUM
CVSS:6.5(Medium)

IBM Maximo Asset Management 7.6.1.3 MXAPIASSET API is vulnerable to unrestricted file upload which allows authenticated low privileged user to upload restricted file types with a simple method of addi...

CWE-982024

CVE-2024-56216

MEDIUM
CVSS:6.5(Medium)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Themify Themify Builder allows PHP Local File Inclusion.This issue affects Them...

CWE-982024

CVE-2025-22305

MEDIUM
CVSS:6.5(Medium)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP OnlineSupport, Essential Plugin Hero Banner Ultimate allows PHP Local File I...

CWE-982025

CVE-2025-24733

MEDIUM
CVSS:6.5(Medium)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AddonMaster Post Grid Master allows PHP Local File Inclusion. This issue affect...

CWE-982025

CVE-2025-25539

MEDIUM
CVSS:6.5(Medium)

Local File Inclusion vulnerability in Vasco v3.14and before allows a remote attacker to obtain sensitive information via help menu.

CWE-982025