cleantalk
Vulnerabilities and Security Researches

MediaPress, CVE-2025-58608

CVE, Research URL

CVE-2025-58608

Home page URL

Security reports for MediaPress

Application

MediaPress

Published on
Sep 03, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BuddyDev MediaPress allows PHP Local File Inclusion. This issue affects MediaPress: from n/a through 1.5.9.1.
Affected versions
Min -, max 1.6.0.
Status
vulnerable
Previous vulnerability researches
Chatbox Manager (CVE-2025-58211) , Sep 02, 2025
Chatbox Manager (CVE-2025-48167) , Jul 19, 2025
Chatbox Manager (CVE-2025-30790) , Mar 28, 2025
New vulnerability
Easy Download Media Counter (CVE-2025-58867) , Sep 06, 2025
WooCommerce Single Page Checkout (CVE-2025-58804) , Sep 06, 2025
New Simple Gallery (CVE-2025-58881) , Sep 06, 2025
LTL Freight Quotes – Day & Ross Edition (CVE-2025-58642) , Sep 06, 2025
Sticky Side Buttons (5050bee0d08fa2179495d87f142ada0e346f4e05) , Sep 06, 2025