exploitDog

CVE-2025-14829

Опубликовано: 13 янв. 2026

Источник: nvd

CVSS3: 9.1

EPSS Низкий

Описание

The E-xact | Hosted Payment | WordPress plugin through 2.0 is vulnerable to arbitrary file deletion due to insufficient file path validation. This makes it possible for unauthenticated attackers to delete arbitrary files on the server.

Ссылки

https://wpscan.com/vulnerability/872569bc-16fb-427f-accc-147f284137cd/

EPSS

Процентиль: 23%

0.00079

Низкий

9.1 Critical

CVSS3

Дефекты

Связанные уязвимости

GHSA-q25w-gj9h-7rj6

CVSS3: 9.1

github

26 дней назад

The E-xact | Hosted Payment | WordPress plugin through 2.0 is vulnerable to arbitrary file deletion due to insufficient file path validation. This makes it possible for unauthenticated attackers to delete arbitrary files on the server.

EPSS

Процентиль: 23%

0.00079

Низкий

9.1 Critical

CVSS3

Дефекты