CVE-2025-26909 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in John Darrel Hide My WP Ghost hide-my-wp…
Critical CVSS: 9.8

CVE-2025-26909

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows PHP Local File Inclusion.This issue affects Hide My WP Ghost: from n/a through <= 5.4.01.
Vendor
Wpplugins
Product
Hide My Wp Ghost
CWE
CWE-98
Yayın Tarihi
2025-03-27 16:15:30
Güncelleme
2026-04-01 17:19:08
Source Identifier
audit@patchstack.com
KEV Date Added
-

Kategoriler

CWE-98 Hide My Wp Ghost CRITICAL Wpplugins 2025

Referanslar

https://patchstack.com/database/Wordpress/Plugin/hide-my-wp/vulnerability/wordpress-hide-my-wp-ghost-plugin-5-4-01-local-file-inclusion-to-rce-vulnerability?_s_id=cve