3 matches found
WordPress Groundhogg plugin <= 4.1.1.2 - Authenticated (Administrator+) Arbitrary File Deletion vulnerability
Authenticated Administrator+ Arbitrary File Deletion vulnerability discovered by Phat Do in WordPress Plugin Groundhogg versions = 4.1.1.2...
CVE-2025-4206
The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'processexportdelete' and 'processimportdelete' functions in all versions up to, and including,...
CVE-2025-4206
CVE-2025-4206 (Groundhogg groundhogg WordPress plugin) : The Groundhogg plugin for WordPress (versions up to and including 4.1.1.2) is vulnerable to arbitrary file deletion due to insufficient validation of file paths in the functions process_export_delete and process_import_delete. This enables ...