{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-13T22:54:03.451","vulnerabilities":[{"cve":{"id":"CVE-2025-52728","sourceIdentifier":"audit@patchstack.com","published":"2025-08-14T11:15:42.410","lastModified":"2026-04-23T15:32:05.790","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows PHP Local File Inclusion.This issue affects Responsive Posts Carousel Pro: from n/a through <= 15.0."},{"lang":"es","value":"Vulnerabilidad de control inadecuado del nombre de archivo para la declaración Include/Require en un programa PHP ('Inclusión remota de archivos PHP') en el complemento WebCodingPlace Responsive Posts Carousel para Wordpress permite la inclusión local de archivos PHP. Este problema afecta al complemento de WordPress WebCodingPlace Responsive Posts Carousel desde n/d hasta la versión 15.0."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-98"}]}],"references":[{"url":"https://patchstack.com/database/Wordpress/Plugin/responsive-posts-carousel-pro/vulnerability/wordpress-responsive-posts-carousel-wordpress-plugin-plugin-15-0-local-file-inclusion-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}]}