2 matches found
CVE-2025-3294
CVE-2025-3294 affects the WordPress WP Editor plugin up to version 1.2.9.1. The issue is an authenticated directory-traversal flaw (no proper file path validation) that can enable an attacker with Administrator-level access and above to overwrite arbitrary server files, potentially enabling remot...
WordPress WP Editor plugin <= 1.2.9.1 - Authenticated (Administrator+) Directory Traversal to Arbitrary File Update vulnerability
Authenticated Administrator+ Directory Traversal to Arbitrary File Update vulnerability discovered by nquangit in WordPress Plugin WP Editor versions = 1.2.9.1...