cleantalk
Vulnerabilities and Security Researches

AnyComment, CVE-2025-60240

CVE, Research URL

CVE-2025-60240

Home page URL

Security reports for AnyComment

Application

AnyComment

Published on
Nov 06, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Alexander AnyComment anycomment allows PHP Local File Inclusion.This issue affects AnyComment: from n/a through <= 0.3.6.
Affected versions
max 0.3.6.
Status
vulnerable
Previous vulnerability researches
One Click Accessibility (CVE-2025-32640) , Apr 10, 2025
One Click Accessibility (CVE-2025-10700) , Nov 10, 2025
New vulnerability
Event post (CVE-2025-62042) , Nov 10, 2025
Rock Convert (CVE-2025-62911) , Nov 10, 2025
Wp tabber widget (CVE-2025-10730) , Nov 10, 2025
Flex QR Code Generator (CVE-2025-10041) , Nov 10, 2025
DominoKit (CVE-2025-12350) , Nov 10, 2025