CVE-2025-52728 | WebCodingPlace Responsive Posts Carousel Plugin up to 15.0 on WordPress filename control

A vulnerability was found in WebCodingPlace Responsive Posts Carousel Plugin up to 15.0 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is known as CVE-2025-52728. The attack can be launched remotely. There is no exploit available.VulDB Recent EntriesRead More