cleantalk
Vulnerabilities and Security Researches

Premium Addons for KingComposer, CVE-2025-49036

CVE, Research URL

CVE-2025-49036

Home page URL

Security reports for Premium Addons for KingComposer

Application

Premium Addons for KingComposer

Published on
Aug 14, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in octagonwebstudio Premium Addons for KingComposer allows PHP Local File Inclusion. This issue affects Premium Addons for KingComposer: from n/a through 1.1.1.
Affected versions
Min -, max 1.1.1.
Status
vulnerable
Previous vulnerability researches
Blogger Buzz (CVE-2025-54680) , Aug 02, 2025
Blogger Buzz (115f6bdb0e5c21979d308193f82caf8fb7388640) , Jun 11, 2024
Blogger Buzz (CVE-2023-30476) , Jun 10, 2024
New vulnerability
Easy Form Builder (CVE-2025-54678) , Aug 14, 2025
WooCommerce Affiliate Plugin – Coupon Affiliates (CVE-2025-54025) , Aug 14, 2025
RT Easy Builder – Advanced addons for Elementor (CVE-2025-8462) , Aug 14, 2025
Database for Contact Form 7, WPforms, Elementor forms (CVE-2025-7384) , Aug 14, 2025
Eventer (CVE-2025-39483) , Aug 14, 2025