Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Themewinter Eventin allows PHP Local File Inclusion. This issue affects Eventin: from n/a through 4.0.20.
References
Configurations
History
11 Aug 2025, 18:01
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:themewinter:eventin:*:*:*:*:*:wordpress:*:* | |
First Time |
Themewinter eventin
Themewinter |
|
References | () https://patchstack.com/database/wordpress/plugin/wp-event-solution/vulnerability/wordpress-eventin-plugin-4-0-20-local-file-inclusion-vulnerability?_s_id=cve - Third Party Advisory | |
Summary |
|
25 Feb 2025, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-02-25 15:15
Updated : 2025-08-11 18:01
NVD link : CVE-2025-26964
Mitre link : CVE-2025-26964
CVE.ORG link : CVE-2025-26964
JSON object : View
Products Affected
themewinter
- eventin
CWE
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')