4 matches found
CVE-2025-5014
creationtimestamp| type| source ---|---|--- 2025-07-02 09:17:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsxuxc2bl32r...
CVE-2025-5014
The Home Villas | Real Estate WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'wpremcswidgetfiledelete' function in all versions up to, and including, 2.8. This makes it possible for authenticated attackers, with...
CVE-2025-5014
CVE-2025-5014 (Home Villas real estate WordPress theme) affects versions up to 2.8, with a vulnerability in the wp_rem_cs_widget_file_delete function that allows an authenticated attacker with Subscriber+ privileges to delete arbitrary files on the server due to insufficient file path validation....
WordPress Home Villas Theme <= 2.8 is vulnerable to Arbitrary File Deletion
Software Home Villas Type Theme Vulnerable versions = 2.8 Fixed in N/A OWASP Top 10 A1: Injection Classification Arbitrary File Deletion CVE CVE-2025-5014 Patch priority High CVSS severity High 7.7 Developer Claim ownership PSID cba250cec63a Credits Thái An Required privilege Subscriber Published...