cleantalk
Vulnerabilities and Security Researches

MediaPress, CVE-2025-58608

CVE, Research URL

CVE-2025-58608

Home page URL

Security reports for MediaPress

Application

MediaPress

Published on
Sep 03, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BuddyDev MediaPress allows PHP Local File Inclusion. This issue affects MediaPress: from n/a through 1.5.9.1.
Affected versions
Min -, max 1.6.0.
Status
vulnerable
Previous vulnerability researches
Community Lite Video Chat (12108f2d6b7cdd384ce360bc60e3cf6c2dcb247d) , Jun 06, 2024
Community Lite Video Chat (CVE-2024-49605) , Oct 22, 2024
New vulnerability
Category Order and Taxonomy Terms Order , Sep 08, 2025
TrustMate.io – WooCommerce integration (CVE-2025-58802) , Sep 08, 2025
Woocommerce Notify Updated Product (CVE-2025-58856) , Sep 08, 2025
Site Info (CVE-2025-58866) , Sep 08, 2025
Authors List (CVE-2025-58792) , Sep 07, 2025