Back to CVE List

CVE-2025-10686

Vulnerability Description

The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, with editor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files.

Vulnerability Details

Published Date
Last Modified
Source
NVD

Discussion (0)

Add Comment

No comments yet. Be the first!