cleantalk
Vulnerabilities and Security Researches

GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress, CVE-2025-47508

CVE, Research URL

CVE-2025-47508

Home page URL

Security reports for GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress

Application

GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress

Published on
May 07, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ruben Garcia GamiPress allows PHP Local File Inclusion. This issue affects GamiPress: from n/a through 7.3.7.
Affected versions
Min -, max 7.3.8.
Status
vulnerable
Previous vulnerability researches
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2019-25143) , Jun 07, 2024
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (7d5b4ba83a5c6004460bf267fe534a359e1416b0) , Jun 07, 2024
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2023-4013) , Jun 07, 2024
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2025-1621) , Mar 14, 2025
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2025-1620) , Mar 14, 2025
New vulnerability
EUCookieLaw (CVE-2025-3897) , May 10, 2025
Frontend Login and Registration Blocks (CVE-2025-3605) , May 10, 2025
WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg (CVE-2025-4206) , May 10, 2025
Top 10 – WordPress Popular posts by WebberZone (CVE-2025-47509) , May 09, 2025
Easy Replace Image (CVE-2025-47483) , May 09, 2025