PoloPag WooCommerce Plugin Local File Inclusion Vulnerability
Vulnerability
A local file inclusion vulnerability has been identified in the PoloPag - Pix Automático para WooCommerce plugin, specifically in versions through 2.0.9. This vulnerability arises from improper control of filenames in include or require statements, allowing for PHP local file inclusion.
Impact
Exploitation of this vulnerability could lead to local file inclusion, allowing attackers to read sensitive files on the server or potentially execute malicious scripts.
Added: Nov 6, 2025, 4:24 PM
Updated: Nov 6, 2025, 8:57 PM
Vulnerability Rating
Custom Algorithm
spread
0.0impact
2.5exploitability
7.4remediation
0.0relevance
0.9threat
0.0urgency
2.9incentive
5.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.