CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30782 – WordPress Subscribe to Download Lite plugin <= 1.2.9 - Local File Inclusion vulnerability
https://notcve.org/view.php?id=CVE-2025-30782
29 Mar 2025 — Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Shuffle Subscribe to Download Lite allows PHP Local File Inclusion. This issue affects Subscribe to Download Lite: from n/a through 1.2.9. The Subscribe to Download Lite plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.2.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to include and execute arb... • https://patchstack.com/database/wordpress/plugin/subscribe-to-download-lite/vulnerability/wordpress-subscribe-to-download-lite-plugin-1-2-9-local-file-inclusion-vulnerability?_s_id=cve • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30785 – WordPress Subscribe to Download Lite <= 1.2.9 - Local File Inclusion Vulnerability
https://notcve.org/view.php?id=CVE-2025-30785
27 Mar 2025 — Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Shuffle Subscribe to Download Lite allows PHP Local File Inclusion. This issue affects Subscribe to Download Lite: from n/a through 1.2.9. The Subscribe to Download Lite plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.2.9. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute ar... • https://patchstack.com/database/wordpress/plugin/subscribe-to-download-lite/vulnerability/wordpress-subscribe-to-download-lite-1-2-9-local-file-inclusion-vulnerability?_s_id=cve • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •