cleantalk
Vulnerabilities and Security Researches

Flexi – Guest Submit, CVE-2025-32589

CVE, Research URL

CVE-2025-32589

Home page URL

Security reports for Flexi – Guest Submit

Application

Flexi – Guest Submit

Published on
Apr 11, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in odude Flexi – Guest Submit allows PHP Local File Inclusion. This issue affects Flexi – Guest Submit: from n/a through 4.28.
Affected versions
Min -, max 4.28.
Status
vulnerable
Previous vulnerability researches
CF7 Spreadsheets (CVE-2025-31603) , Apr 02, 2025
CF7 Spreadsheets (CVE-2025-31536) , Apr 05, 2025
New vulnerability
License Manager for WooCommerce (CVE-2025-32522) , Apr 14, 2025
License For Envato (CVE-2025-32566) , Apr 14, 2025
Ray Enterprise Translation (CVE-2025-31030) , Apr 14, 2025
WooCommerce TBC Credit Card Payment Gateway (Free) (CVE-2025-32611) , Apr 14, 2025
FireDrum Email Marketing (CVE-2025-31018) , Apr 14, 2025