exploitDog

CVE-2025-63017

Опубликовано: 22 янв. 2026

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes WerkStatt Plugin werkstatt-plugin allows PHP Local File Inclusion.This issue affects WerkStatt Plugin: from n/a through <= 1.6.6.

Ссылки

https://patchstack.com/database/Wordpress/Plugin/werkstatt-plugin/vulnerability/wordpress-werkstatt-plugin-plugin-1-6-6-local-file-inclusion-vulnerability?_s_id=cve

EPSS

Процентиль: 33%

0.00127

Низкий

7.5 High

CVSS3

Дефекты

CWE-98

Связанные уязвимости

GHSA-8qwx-32rr-mphx

CVSS3: 9.8

github

16 дней назад

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes WerkStatt Plugin werkstatt-plugin allows PHP Local File Inclusion.This issue affects WerkStatt Plugin: from n/a through <= 1.6.6.

EPSS

Процентиль: 33%

0.00127

Низкий

7.5 High

CVSS3

Дефекты

CWE-98