cleantalk
Vulnerabilities and Security Researches

Premium Addons for KingComposer, CVE-2025-49036

CVE, Research URL

CVE-2025-49036

Home page URL

Security reports for Premium Addons for KingComposer

Application

Premium Addons for KingComposer

Published on
Aug 14, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in octagonwebstudio Premium Addons for KingComposer allows PHP Local File Inclusion. This issue affects Premium Addons for KingComposer: from n/a through 1.1.1.
Affected versions
Min -, max 1.1.1.
Status
vulnerable
Previous vulnerability researches
AnWP Football Leagues (CVE-2024-8917) , Sep 25, 2024
AnWP Football Leagues (CVE-2025-8767) , Aug 12, 2025
New vulnerability
GMap Generator (CVE-2025-8568) , Aug 14, 2025
GiveWP – Donation Plugin and Fundraising Platform (CVE-2025-47444) , Aug 14, 2025
Easy Form Builder (CVE-2025-54678) , Aug 14, 2025
WooCommerce Affiliate Plugin – Coupon Affiliates (CVE-2025-54025) , Aug 14, 2025
RT Easy Builder – Advanced addons for Elementor (CVE-2025-8462) , Aug 14, 2025