WPCOM Member, CVE-2025-39570

CVE, Research URL: CVE-2025-39570
Home page URL: Security reports for WPCOM Member
Application: WPCOM Member
Published on: Apr 16, 2025
Research Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Lomu WPCOM Member allows PHP Local File Inclusion. This issue affects WPCOM Member: from n/a through 1.7.7.
Affected versions: max 1.7.8.
Status: vulnerable