CVE-2025-6715
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-13
Last updated on: 2025-08-13
Assigner: WPScan
Description
Description
The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the layout parameter. This makes it possible for attackers to include and execute PHP files on the server, allowing the execution of any PHP code in those files.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| latepoint | latepoint | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in the LatePoint WordPress plugin before version 5.1.94 is a Local File Inclusion (LFI) issue via the layout parameter. This allows attackers to include and execute arbitrary PHP files on the server, enabling them to run any PHP code contained in those files.
How can this vulnerability impact me? :
This vulnerability can allow attackers to execute arbitrary PHP code on the server, potentially leading to unauthorized access, data theft, server compromise, or further exploitation of the affected system.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70