CVE-2025-30835
HIGHDescription
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Bastien Ho Accounting for WooCommerce accounting-for-woocommerce allows PHP Local File Inclusion.This issue affects Accounting for WooCommerce: from n/a through <= 1.6.8.
Is your site exposed to CVE-2025-30835?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2025-30835? +
How severe is CVE-2025-30835? +
How do I check if I'm vulnerable to CVE-2025-30835? +
Related Vulnerabilities
Carbon is an international PHP extension for DateTime. Application passing unsanitized user input to Carbon::setLocale are at risk of arbitrary …
Gibbon versions before v30.0.01 are affected by a local file inclusion vulnerability resulting in RCE by changing the report archive …
Emlog is an open source website building system. In 2.6.13 and earlier, the article publishing interface stores a path-traversal template …
Kirby is an open-source content management system. In versions 5.3.0 and above but prior to 5.4.1, Kirby did not correctly …
A improper control of filename for include/require statement in PHP program vulnerability in the retrieve course Information function of Wisdom …
Local File Inclusion (LFI) vulnerability in a Render function of Formulatrix Rock Maker Web (RMW) allows a remote attacker to …