cleantalk
Vulnerabilities and Security Researches

include-file, CVE-2025-30595

CVE, Research URL

CVE-2025-30595

Home page URL

Security reports for include-file

Application

include-file

Published on
Mar 24, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tstafford include-file allows Stored XSS. This issue affects include-file: from n/a through 1.
Affected versions
Min -, max 1.
Status
vulnerable
Previous vulnerability researches
include-file (CVE-2025-30596) , Apr 05, 2025
include-file (CVE-2025-30595) , Mar 26, 2025
New vulnerability
Lottie Player block – Implement Lottie animations. (CVE-2025-2579) , Apr 26, 2025
360 Product Rotation (CVE-2024-13823) , Apr 26, 2025
User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin (CVE-2025-39400) , Apr 26, 2025
License For Envato (CVE-2025-39399) , Apr 25, 2025
occupancyplan (CVE-2025-46450) , Apr 25, 2025