CVE-2025-7360 | HT Contact Form Widget Plugin up to 2.2.1 on WordPress handle_files_upload path traversal

Inserito da Angelo Barbosa | Lug 14, 2025 | CVE

A vulnerability was found in HT Contact Form Widget Plugin up to 2.2.1 on WordPress. It has been rated as critical. Affected by this issue is the function handle_files_upload. The manipulation leads to path traversal.

This vulnerability is handled as CVE-2025-7360. The attack may be launched remotely. There is no exploit available.

CVE-2025-7360 | HT Contact Form Widget Plugin up to 2.2.1 on WordPress handle_files_upload path traversal

Post correlati

CVE-2024-49209 | Archer Platform up to 2024.08 API authorization

CVE-2024-52589 | Discourse Admin Dashboard information disclosure (GHSA-cqw6-rr3v-8fff)

CVE-2025-3107 | Newsletters Plugin up to 4.9.9.8 on WordPress orderby sql injection

CVE-2024-7264 | libcURL up to 8.9.0 ASN1 Parser GTime2str out-of-bounds