CVE-2025-59550 | designervily Xcare Plugin up to 6.5 on WordPress filename control

A vulnerability was found in designervily Xcare Plugin up to 6.5 on WordPress and classified as critical. Affected is an unknown function. Such manipulation leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is listed as CVE-2025-59550. The attack may be performed from remote. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More