CVE-2025-69087

Name of the Vulnerable Software and Affected Versions jwsthemes FreeAgent versions through 2.1.2

Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for unauthorized access and potential code execution. The vulnerability exists due to insufficient validation of file paths used in include or require operations within the PHP application.

Recommendations Update jwsthemes FreeAgent to a version later than 2.1.2.