25Şub
CVE-2025-26964 | Themewinter Eventin Plugin up to 4.0.20 on WordPress filename control
A vulnerability classified as problematic was found in Themewinter Eventin Plugin up to 4.0.20 on WordPress. This vulnerability affects unknown code. The manipulation leads to improper control of filename for include/require statement in php program ('php remote file inclusion'). This vulnerability was named CVE-2025-26964. The attack can be initiated remotely. There is no exploit available.