CVE-2025-62753
WordPress MAS Videos plugin <= 1.3.2 - Local File Inclusion vulnerabilityImproper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in MadrasThemes MAS Videos allows PHP Local File Inclusion.This issue affects MAS Videos: from n/a through 1.3.2.
We have discovered 235 live websites that are affected by CVE-2025-62753.
Affected Software
| Product |  Masvideos |
| Category | Wordpress Plugins |
| Vulnerable Domains | 235 live websites (100% of Masvideos install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 11 versions ( 100% of all versions) |
Common Weakness Enumeration
CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')Details
- Published - Dec 30, 2025
- Updated - Jan 20, 2026
Credits
- Muhammad Yudha - DJ | Patchstack Bug Bounty Program (finder)
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2025-62753 United States | 103 websites |
 Germany | 19 websites |
 Italy | 16 websites |
 Cyprus | 13 websites |
 France | 12 websites |
 GB | 7 websites |
 Spain | 7 websites |
 Brazil | 7 websites |
 South Africa | 5 websites |
 India | 3 websites |
Website Distribution by TLD
Number of websites using CVE-2025-62753| .com | 108 websites |
| .it | 12 websites |
| .org | 9 websites |
| .net | 8 websites |
| .com.br | 6 websites |
| .de | 5 websites |
| .fr | 5 websites |
| .info | 4 websites |
| .co | 3 websites |
| .pl | 3 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2025-62753
Top websites that are affected by CVE-2025-62753. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ******.tv | United States | **,*** | |
| ********.com |  Iran | ***,*** | |
| **************.com | United States | ***,*** | |
| *************.**.za | South Africa | *,***,*** | |
| *********.info | United States | *,***,*** | |
| **************.com | United States | *,***,*** | |
| *****.**.za | South Africa | *,***,*** | |
| *********.com | United States | *,***,*** | |
| *****.**.za | South Africa | *,***,*** | |
| ************.it | Italy | *,***,*** |
FAQ
CVE-2025-62753 is Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') in Masvideos
A total of 235 websites have been identified as vulnerable to CVE-2025-62753, based on global website indexing conducted by WebTechSurvey.
The Masvideos is affected by the CVE-2025-62753 vulnerability.
Masvideos versions up to and including 1.3.2 are vulnerable to CVE-2025-62753.