CNNVD-202512-3665 Information
Dec 18, 2025
cve
CNNVD ID
CNNVD-202512-3665
Related CVE
- CNNVD Published: 2025-12-18
Description (Chinese)
PHP等都是(PHP)的产品。PHP是一种在服务器端执行的脚本语言。WebSockets ws等都是(WebSockets)开源的产品。ws是一个 Node.js WebSocket 库。R infrastructure gh等都是(R infrastructure)开源的产品。gh是一个GitHub的API库。 WordPress plugin Greenorganic 2.45及之前版本存在安全漏洞,该漏洞源于对包含/需求语句的文件名控制不当,可能导致PHP本地文件包含。
Description (English)
PHPs are all (PHPs) products. PHP is a script language executed at the server end. WebSockets ws are all open-source products. Ws is a Node.js WebSocket library. R infrastructure gh etc. are open-source products. gh is a Github API library. WordPress plugin Greenorganic 2.45 and previous versions had a security loophole, which stemmed from inadequate control over file names containing/required statements, which could lead to PHP local file inclusion.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
WordPress
Published
2025-12-18
Last Modified
2026-02-24