cleantalk
Vulnerabilities and Security Researches

WP Abstracts, CVE-2025-48338

CVE, Research URL

CVE-2025-48338

Home page URL

Security reports for WP Abstracts

Application

WP Abstracts

Published on
Oct 22, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Kevon Adonis WP Abstracts wp-abstracts-manuscripts-manager allows PHP Local File Inclusion.This issue affects WP Abstracts: from n/a through <= 2.7.4.
Affected versions
max 2.7.4.
Status
vulnerable
Previous vulnerability researches
Ultra Addons Lite for Elementor (CVE-2024-13832) , Mar 01, 2025
Ultra Addons Lite for Elementor (CVE-2023-53589) , Nov 11, 2025
Ultra Addons Lite for Elementor (CVE-2025-32192) , Apr 05, 2025
New vulnerability
AIO Forms &#8211; Your #1 companion for those difficult forms (CVE-2025-11889) , Nov 11, 2025
WP Restaurant Listings (CVE-2025-11830) , Nov 11, 2025
Oceanpayment CreditCard Gateway (CVE-2025-11728) , Nov 11, 2025
ElementInvader Addons for Elementor (CVE-2025-10873) , Nov 11, 2025
Backup Bolt (CVE-2023-53597) , Nov 11, 2025