Local File Inclusion Vulnerability in GamiPress by Ruben Garcia
CVE-2025-47508
7.5HIGH
What is CVE-2025-47508?
The GamiPress plugin, developed by Ruben Garcia, has a vulnerable function allowing for Local File Inclusion (LFI) due to improper handling of include/require statements. This flaw enables attackers to manipulate file paths, potentially leading to the execution of arbitrary PHP code. The vulnerability affects the plugin versions up to 7.3.7, making it crucial for site administrators to apply appropriate security measures to mitigate risks associated with unauthorized file access.
Affected Version(s)
GamiPress <= 7.3.7