Vulnerabilities

CVE-2025-13088 - Category and Product Woocommerce Tabs <= 1.0 - authenticated (contributor+) loca...

2025-11-18 0 views admin
CVE-2025-13088 - Category and Product Woocommerce Tabs <= 1.0 - authenticated (contributor+) loca...

CVE ID : CVE-2025-13088 Published : Nov. 18, 2025, 8:27 a.m. | 26 minutes ago Description : The Category and Product Woocommerce Tabs plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0. This is due to insufficient input validation on the 'template' parameter in the categoryProductTab() function. This makes it possible for authenticated attackers, with contributor level access and above, to include and execute arbitrary .php files on the server. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

Published
Nov. 18, 2025
Affected Product: WordPress
Attack Vector: Local

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-13088wordpress

More from Vulnerabilities

CVE-2025-53593 - QTS, QuTS hero

CVE-2025-53593 - QTS, QuTS hero

2026-01-02 0
CVE-2025-65125 - Gosaliajainam Online-Movie-Booking SQL Injection Vulnerability

CVE-2025-65125 - Gosaliajainam Online-Movie-Booking SQL Injection Vulnerability

2026-01-02 0
CVE-2025-62857 - QuMagie

CVE-2025-62857 - QuMagie

2026-01-02 0
CVE-2025-57705 - QTS, QuTS hero

CVE-2025-57705 - QTS, QuTS hero

2026-01-02 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views