CVE-2025-49277

Name of the Vulnerable Software and Affected Versions Unfoldwp Blogprise versions 1.0.0 through 1.0.9

Description The issue is related to improper control of filename for include/require statement in PHP programs, also known as 'PHP Remote File Inclusion'. This allows PHP Local File Inclusion.

Recommendations For Unfoldwp Blogprise versions 1.0.0 through 1.0.9, update to a version later than 1.0.9 to resolve the issue. At the moment, there is no information about other mitigation measures for this specific issue.