{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-24T18:11:47.301","vulnerabilities":[{"cve":{"id":"CVE-2025-39384","sourceIdentifier":"audit@patchstack.com","published":"2025-04-24T16:15:31.840","lastModified":"2026-06-17T09:17:51.980","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in cedcommerce Product Lister for eBay product-lister-ebay allows PHP Local File Inclusion.This issue affects Product Lister for eBay: from n/a through <= 2.0.9."},{"lang":"es","value":"Vulnerabilidad de control inadecuado del nombre de archivo para declaraciones Include/Require en programas PHP ('Inclusión remota de archivos PHP') en cedcommerce Product Lister for eBay permite la inclusión local de archivos en PHP. Este problema afecta al Listado de productos para eBay desde n/d hasta la versión 2.0.9."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"cedcommerce","product":"Product Lister for eBay","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"product-lister-ebay","versions":[{"version":"0","lessThanOrEqual":"2.0.9","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T19:55:47.885152Z","id":"CVE-2025-39384","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-98"}]}],"references":[{"url":"https://patchstack.com/database/Wordpress/Plugin/product-lister-ebay/vulnerability/wordpress-product-lister-for-ebay-plugin-2-0-9-local-file-inclusion-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}]}