CVE-2025-49281 | Unfoldwp Magways Plugin up to 1.2.1 on WordPress filename control

A vulnerability classified as problematic was found in Unfoldwp Magways Plugin up to 1.2.1 on WordPress. This vulnerability affects unknown code. The manipulation leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability was named CVE-2025-49281. The attack can be initiated remotely. There is no exploit available.VulDB Recent EntriesRead More