local file inclusion

Critical jsPDF flaw lets hackers steal secrets via generated PDFs

January 10, 2026January 10, 2026 geekfeed0Tagged CVE-2025-68428, jsPDF, local file inclusion, npm, Packages, Path Traversal, PDF, vulnerability

The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that allows an attacker to steal sensitive data from the local filesystem by including it in generated files. The flaw is a local file inclusion and path traversal that allows passing unsanitized paths to the file loading mechanism (loadFile) […]

2 mins read

Popular WordPress security plugin WP Ghost vulnerable to RCE bug

March 26, 2025March 26, 2025 geekfeed0Tagged CVE-2025-26909, LFI, local file inclusion, Plugin, rce, Remote Code Execution, security, vulnerability, wordpress, WP Ghost

Popular WordPress security plugin WP Ghost is vulnerable to a critical severity flaw that could allow unauthenticated attackers to remotely execute code and hijack servers. WP Ghost is a popular security add-on used in over 200,000 WordPress sites that claims to stop 140,000 hacker attacks and over 9 million brute-forcing attempts every month. It also […]

2 mins read