CVE-2025-4414 – CMSMasters Content Composer Remote File Inclusion Vulnerability

July 4, 2025

CVE ID : CVE-2025-4414

Published : July 4, 2025, 12:15 p.m. | 2 hours, 44 minutes ago

Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in cmsmasters CMSMasters Content Composer allows PHP Local File Inclusion. This issue affects CMSMasters Content Composer: from n/a through n/a.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-49867 – InspiryThemes RealHomes Privilege Escalation Vulnerability

Next Article CVE-2025-49417 – BestWpDeveloper WooCommerce Product Multi-Action Object Injection Vulnerability

10 Top Node.js Development Companies for Enterprise-Scale Projects (2025-2026 Ranked & Reviewed)

12 Must-Know Cost Factors When Hiring Node.js Developers for Your Enterprise

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Microsoft reportedly lacks the know-how to fully leverage OpenAI’s tech — despite holding IP rights

Laravel in the First Half of 2025

Laravel in the First Half of 2025

PHP 8.5.0 Alpha 1 available for testing

Recording cross browser compatible media

GOnnect – easy to use VoIP client

GOnnect – easy to use VoIP client

Gnuinos – spin of Devuan Linux

5 Best Free and Open Source Backend Electronic Circuit Simulators

CVE-2025-4414 – CMSMasters Content Composer Remote File Inclusion Vulnerability

CVE-2025-23970 – Aonetheme Service Finder Booking Privilege Escalation

CVE-2025-24780 – Printcart Web to Print Product Designer for WooCommerce SQL Injection

Laravel Middleware: Put in Routes, Controller, or Elsewhere? (4 Options)

Development Release: deepin 25 Beta

CVE-2025-48275 – Dastan800 Visual Header Missing Authorization Vulnerability

Optimize query responses with user feedback using Amazon Bedrock embedding and few-shot prompting

AIOps Corner podcast series engages in the art of the possible for your AIOps journey

CVE-2025-6417 – PHPGurukul Art Gallery Management System SQL Injection Vulnerability

Computex

CVE-2025-52566 – LLama Heap Overflow Vulnerability

CVE-2025-4414 – CMSMasters Content Composer Remote File Inclusion Vulnerability

Related Posts