CVE-2025-10406 | BlindMatrix e-Commerce Plugin up to 3.0 on WordPress Shortcode file inclusion

A vulnerability was found in BlindMatrix e-Commerce Plugin up to 3.0 on WordPress. It has been rated as critical. Affected by this issue is some unknown functionality of the component Shortcode Handler. This manipulation causes file inclusion.

This vulnerability is registered as CVE-2025-10406. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More