Filtered by vendor Beeteam368
Subscriptions
Filtered by product Vidmov
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-25172 | 2 Beeteam368, Wordpress | 2 Vidmov, Wordpress | 2025-08-14 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in beeteam368 VidMov allows PHP Local File Inclusion. This issue affects VidMov: from n/a through 1.9.4. | ||||
| CVE-2025-6381 | 2 Beeteam368, Wordpress | 2 Vidmov, Wordpress | 2025-07-13 | 8.8 High |
| The BeeTeam368 Extensions plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.3.4 via the handle_remove_temp_file() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions on files outside of the originally intended directory. This vulnerability can be used to delete the wp-config.php file, which can be leveraged into a site takeover. | ||||
| CVE-2025-6379 | 2 Beeteam368, Wordpress | 2 Vidmov, Wordpress | 2025-07-13 | 8.8 High |
| The BeeTeam368 Extensions Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.3.4 via the handle_live_fn() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions on files outside of the originally intended directory. This vulnerability can be used to delete the wp-config.php file, which can be leveraged into a site takeover. | ||||
Page 1 of 1.