cleantalk
Vulnerabilities and Security Researches

include-file, CVE-2025-30595

CVE, Research URL

CVE-2025-30595

Home page URL

Security reports for include-file

Application

include-file

Published on
Mar 24, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tstafford include-file allows Stored XSS. This issue affects include-file: from n/a through 1.
Affected versions
Min -, max 1.
Status
vulnerable
Previous vulnerability researches
include-file (CVE-2025-30596) , Apr 05, 2025
include-file (CVE-2025-30595) , Mar 26, 2025
New vulnerability
Snow Storm (CVE-2025-30858) , Apr 05, 2025
PeproDev CF7 Database (CVE-2025-31573) , Apr 05, 2025
SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity (CVE-2025-32167) , Apr 05, 2025
SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity (CVE-2025-32256) , Apr 05, 2025
MasterStudy LMS WordPress Plugin – for Online Courses and Education (CVE-2025-32237) , Apr 05, 2025