CVE-2025-7360 | HT Contact Form Widget Plugin up to 2.2.1 on WordPress handle_files_upload path traversal

Inserito da Angelo Barbosa | Lug 14, 2025 | CVE

A vulnerability was found in HT Contact Form Widget Plugin up to 2.2.1 on WordPress. It has been rated as critical. Affected by this issue is the function handle_files_upload. The manipulation leads to path traversal.

This vulnerability is handled as CVE-2025-7360. The attack may be launched remotely. There is no exploit available.

CVE-2025-7360 | HT Contact Form Widget Plugin up to 2.2.1 on WordPress handle_files_upload path traversal

Post correlati

CVE-2023-7093 | KylinSoft kylin-system-updater up to 2.0.5.16-0k2.33 com.kylin.systemupgrade Service UpgradeStrategiesDbus.py SetDownloadspeedMax os command injection

CVE-2025-21665 | Linux Kernel up to 5.15.176/6.1.126/6.6.73/6.12.10 folio_seek_hole_data bit infinite loop

CVE-2024-23673 | Apache Sling Servlets Resolver up to 2.10.x Script path traversal (SLING-12233)

CVE-2024-25913 | MoveTo Plugin up to 6.2 on WordPress unrestricted upload