Home Embedded Vulns General Vulns

CVE-2025-28947

HIGH 8.1

Our Analysis: General-Purpose

Our model has classified this vulnerability as relevant to General-Purpose Systems, helping your team prioritize efforts effectively.

Published Date June 27, 2025
Last Modified June 30, 2025
CVSS Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme MBStore - Digital WooCommerce WordPress Theme allows PHP Local File Inclusion. This issue affects MBStore - Digital WooCommerce WordPress Theme: from n/a through 2.3.