CVE-2025-49036

Name of the Vulnerable Software and Affected Versions: octagonwebstudio Premium Addons for KingComposer versions through 1.1.1

Description: A flaw exists in the file handling mechanism within octagonwebstudio Premium Addons for KingComposer, allowing for PHP Local File Inclusion. This issue stems from improper control of filename handling for include/require statements in a PHP program.

Recommendations: Update octagonwebstudio Premium Addons for KingComposer to a version later than 1.1.1.