CVE-2025-23952

Name of the Vulnerable Software and Affected Versions ntm custom-field-list-widget versions 1.5.1 and earlier

Description The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion. This is a type of security vulnerability that can be exploited by an attacker to include and execute arbitrary local files on the server.

Recommendations For ntm custom-field-list-widget versions 1.5.1 and earlier, update to a version that fixes this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.