CVE-2025-7359

creationtimestamp| type| source ---|---|--- 2026-04-08 23:31:21+00:00| seen| Telegram/uDb8p1iskXO6Pq5CJ62NBhUvl5M2Dmbo-CUN4HEs8fpntc...

CVE-2025-7359

The Counter live visitors for WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wcvisitorgetblock function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers to delete arbitrary...

WordPress Counter live visitors for WooCommerce plugin <= 1.3.6 - Unauthenticated Arbitrary File Deletion in wcvisitor_get_block vulnerability

Unauthenticated Arbitrary File Deletion in wcvisitorgetblock vulnerability discovered by mikemyers in WordPress Plugin Counter live visitors for WooCommerce versions = 1.3.6...

CVE-2025-7359 Counter live visitors for WooCommerce <= 1.3.6 - Unauthenticated Arbitrary File Deletion in wcvisitor_get_block

The Counter live visitors for WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wcvisitorgetblock function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers to delete arbitrary...

CVE-2025-7359 Counter live visitors for WooCommerce <= 1.3.6 - Unauthenticated Arbitrary File Deletion in wcvisitor_get_block

The Counter live visitors for WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wcvisitorgetblock function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers to delete arbitrary...

CVE-2025-7359

CVE-2025-7359 — Counter live visitors for WooCommerce (WordPress) contains an unauthenticated arbitrary file deletion vulnerability in the wcvisitor_get_block function. Affected versions: all up to and including 1.3.6. The issue arises from insufficient file-path validation, allowing an attacker ...