- Description
- Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Nitin Prakash WC Place Order Without Payment allows PHP Local File Inclusion. This issue affects WC Place Order Without Payment: from n/a through 2.6.7.
- Source
- audit@patchstack.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 5.9
- Exploitability score
- 1.6
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- audit@patchstack.com
- CWE-98
- Hype score
- Not currently trending
🚨 CVE-2025-26933 🔴 HIGH (7.5) 🏢 Nitin Prakash - WC Place Order Without Payment 🏗️ Unknown Version 🔗 https://t.co/WdvzQeCKhl #CyberCron #VulnAlert #InfoSec https://t.co/bXKdkgnlum
@cybercronai
12 Mar 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-26933 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Nitin Prakash WC Place Order Without Payment … https://t.co/flaYL5Y2Q2
@CVEnew
10 Mar 2025
329 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes