← Back to CVE List
CVE-2025-30890
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SuitePlugins Login Widget for Ultimate Member allows PHP Local File Inclusion. This issue affects Login Widget for Ultimate Member: from n/a through 1.1.2.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt