PT-2026-45729 · Unboundstudio · Accordion & Faq

Published

2026-06-02

·

Updated

2026-06-02

·

CVE-2025-58024

CVSS v3.1

7.5

High

VectorAV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in UnboundStudio Accordion FAQ allows PHP Local File Inclusion.
This issue affects Accordion FAQ: from n/a through 2.2.1.

Fix

Weakness Enumeration

CWE-98

Related Identifiers

CVE-2025-58024

Affected Products

Accordion & Faq