CVE-2025-30580

Name of the Vulnerable Software and Affected Versions DigiWidgets Image Editor versions 1.10 and earlier

Description The issue is related to an Improper Control of Generation of Code ('Code Injection') vulnerability, which allows Remote Code Inclusion. This means that an attacker could potentially inject malicious code into the system, leading to unauthorized access or control.

Recommendations For DigiWidgets Image Editor versions 1.10 and earlier, consider disabling the code generation feature until a patch is available. Restrict access to the image editor to minimize the risk of exploitation. Avoid using the image editor for remote code inclusion until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.