Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cloud Infrastructure Services Cloud SAML SSO - Single Sign On Login cloud-sso-single-sign-on allows PHP Local File Inclusion. This issue affects Cloud SAML SSO - Single Sign On Login: from n/a through <= 1.0.18.
Published: 2025-08-14
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a PHP Local File Inclusion flaw caused by insufficient validation of filenames used in include/require statements in the WordPress Cloud SAML SSO - Single Sign On Login plugin. This flaw could allow an unauthenticated user to read arbitrary files on the server or potentially execute local code, violating confidentiality and integrity of the application.

Affected Systems

The Cloud SAML SSO plugin for WordPress, registered under Cloud Infrastructure Services, is affected in all released versions up to and including 1.0.18. The vulnerability applies to any installation of the plugin from its earliest version through 1.0.18.

Risk and Exploitability

The CVSS base score is 7.5, indicating high severity. The EPSS score is below 1%, suggesting a low but non‑zero probability of exploitation in the wild. The flaw is not listed in CISA’s KEV catalog. The likely attack vector is a local web request to the plugin’s code path that accepts a user‑controlled filename parameter. Exploitation would require only a simple HTTP request, so risk reduction depends primarily on prompt patching and on mitigating controls such as disabling the plugin or restricting directory access.

Generated by OpenCVE AI on April 30, 2026 at 09:12 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Cloud SAML SSO plugin to a version newer than 1.0.18, which incorporates proper filename validation and removes the insecure include logic.
  • If an upgrade cannot occur immediately, disable the Cloud SAML SSO plugin or comment out the file‑inclusion code to eliminate the vulnerable functionality.
  • Configure web‑server directory permissions so that the plugin’s include paths are not directly accessible from the web and ensure the plugin’s PHP files are not exposed to directory listing or direct URL access.



Advisories
Source: EUVD
ID: EUVD-2025-24772
Title: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cloud Infrastructure Services Cloud SAML SSO - Single Sign On Login allows PHP Local File Inclusion. This issue affects Cloud SAML SSO - Single Sign On Login: from n/a through 1.0.18.
History

Thu, 23 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H'}


Wed, 01 Apr 2026 23:45:00 +0000

Type Values Removed Values Added
Description
  Values Removed: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cloud Infrastructure Services Cloud SAML SSO - Single Sign On Login allows PHP Local File Inclusion. This issue affects Cloud SAML SSO - Single Sign On Login: from n/a through 1.0.18.
  Values Added: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cloud Infrastructure Services Cloud SAML SSO - Single Sign On Login cloud-sso-single-sign-on allows PHP Local File Inclusion. This issue affects Cloud SAML SSO - Single Sign On Login: from n/a through <= 1.0.18.
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H'}


Sat, 16 Aug 2025 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Wordpress
Wordpress cloud Saml Sso
Wordpress wordpress
Vendors & Products Wordpress
Wordpress cloud Saml Sso
Wordpress wordpress

Thu, 14 Aug 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 14 Aug 2025 10:45:00 +0000

Type Values Removed Values Added
Description Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cloud Infrastructure Services Cloud SAML SSO - Single Sign On Login allows PHP Local File Inclusion. This issue affects Cloud SAML SSO - Single Sign On Login: from n/a through 1.0.18.
Title WordPress Cloud SAML SSO - Single Sign On Login <= 1.0.18 - Local File Inclusion Vulnerability
Weaknesses CWE-98
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: Patchstack

Published:

Updated: 2026-04-28T16:12:59.484Z

Reserved: 2025-06-04T09:41:22.714Z

Link: CVE-2025-49264

Vulnrichment

Updated: 2025-08-14T14:22:46.403Z

NVD

Status: Deferred

Published: 2025-08-14T11:15:39.617

Modified: 2026-04-23T15:31:21.087

Link: CVE-2025-49264

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-30T09:15:28Z

Weaknesses