cleantalk
Vulnerabilities and Security Researches

Simple Payment, CVE-2025-62075

CVE, Research URL

CVE-2025-62075

Home page URL

Security reports for Simple Payment

Application

Simple Payment

Published on
Nov 06, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ido Kobelkowsky Simple Payment simple-payment.This issue affects Simple Payment: from n/a through <= 2.4.6.
Affected versions
max 2.4.6.
Status
vulnerable
Previous vulnerability researches
Video Lessons Manager &#8211; WordPress LMS Plugin (CVE-2021-24713) , Jun 06, 2024
Video Lessons Manager &#8211; WordPress LMS Plugin (CVE-2024-11202) , Nov 27, 2024
Video Lessons Manager &#8211; WordPress LMS Plugin (CVE-2025-24758) , Feb 16, 2025
New vulnerability
MSTW CSV EXPORTER (CVE-2025-62944) , Nov 11, 2025
TopBar (CVE-2025-10300) , Nov 11, 2025
Store Toolkit for WooCommerce – Boost WooCommerce with useful tools, nuking/deleting, reports, order filters &amp; more! (CVE-2025-60204) , Nov 11, 2025
Quick Featured Images (CVE-2025-11176) , Nov 11, 2025
Call Now Button &#8211; The #1 Click to Call Button for WordPress (CVE-2025-11587) , Nov 11, 2025