cleantalk
Vulnerabilities and Security Researches

WP Abstracts, CVE-2025-48338

CVE, Research URL

CVE-2025-48338

Home page URL

Security reports for WP Abstracts

Application

WP Abstracts

Published on
Oct 22, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Kevon Adonis WP Abstracts wp-abstracts-manuscripts-manager allows PHP Local File Inclusion.This issue affects WP Abstracts: from n/a through <= 2.7.4.
Affected versions
max 2.7.4.
Status
vulnerable
Previous vulnerability researches
Outdoor (CVE-2023-29236) , Jun 10, 2024
Outdoor (CVE-2025-10743) , Nov 11, 2025
Outdooractive Embed (CVE-2024-11774) , Dec 21, 2024
New vulnerability
ElementInvader Addons for Elementor (CVE-2025-10873) , Nov 11, 2025
Backup Bolt (CVE-2023-53597) , Nov 11, 2025
Backup Bolt (CVE-2025-10306) , Nov 11, 2025
Date counter (CVE-2025-62948) , Nov 11, 2025
WPComplete (CVE-2025-49906) , Nov 11, 2025