CVE-2025-7575 | Zavy86 WikiDocs up to 1.0.77 submit.php image_drop_upload_ajax/image_delete_ajax path traversal (ID 258)

Inserito da Angelo Barbosa | Lug 13, 2025 | CVE

A vulnerability has been found in Zavy86 WikiDocs up to 1.0.77 and classified as critical. Affected by this vulnerability is the function image_drop_upload_ajax/image_delete_ajax of the file submit.php. The manipulation leads to path traversal.

This vulnerability is known as CVE-2025-7575. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-7575 | Zavy86 WikiDocs up to 1.0.77 submit.php image_drop_upload_ajax/image_delete_ajax path traversal (ID 258)

Post correlati

CVE-2024-55076 | Grocy up to 4.3.0 cross-site request forgery

CVE-2023-6996 | Display Custom Fields in the Frontend Plugin up to 1.2.1 on WordPress code injection

CVE-2025-53370 | StarCitizenTools mediawiki-skins-Citizen up to 3.3.x cross site scripting

CVE-2024-12038 | svenl77 Post Form Plugin up to 2.8.15 on WordPress Shortcode buddyforms_nav cross site scripting