CVE-2025-6715CRITICAL 9.8EPSS p40.5%

CVE-2025-6715CVE-2025-6715

Description

The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the layout parameter. This makes it possible for attackers to include and execute PHP files on the server, allowing the execution of any PHP code in those files.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.53% probability of exploitation · percentile 40.5% · 2026-06-19T12:03:05Z
Published2025-08-13
Last modified2026-04-15

References

  1. https://wpscan.com/vulnerability/357aba51-b65e-4691-864b-fef1c78a9362/
  2. https://wpscan.com/vulnerability/357aba51-b65e-4691-864b-fef1c78a9362/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-6746
CVE
CVE-2025-14502
CVE
CVE-2025-11920
CVE
CVE-2025-9990
CVE
CVE-2025-15368
CVE
CVE-2025-1707
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.