9 matches found
EUVD-2025-25002
Malicious code in bioql PyPI...
CVE-2025-7778
The Icons Factory plugin for WordPress is vulnerable to Arbitrary File Deletion due to insufficient authorization and improper path validation within the deletefiles function in all versions up to, and including, 1.6.12. This makes it possible for unauthenticated attackers to to delete arbitrary...
WordPress Icons Factory plugin <= 1.6.12 - Missing Authorization to Unauthenticated Arbitrary File Deletion via delete_files() Function vulnerability
Missing Authorization to Unauthenticated Arbitrary File Deletion via deletefiles Function vulnerability discovered by johska in WordPress Plugin Icons Factory versions = 1.6.12...
CVE-2025-7778
The Icons Factory plugin for WordPress is vulnerable to Arbitrary File Deletion due to insufficient authorization and improper path validation within the deletefiles function in all versions up to, and including, 1.6.12. This makes it possible for unauthenticated attackers to to delete arbitrary...
CVE-2025-7778 Icons Factory <= 1.6.12 - Missing Authorization to Unauthenticated Arbitrary File Deletion via delete_files() Function
The Icons Factory plugin for WordPress is vulnerable to Arbitrary File Deletion due to insufficient authorization and improper path validation within the deletefiles function in all versions up to, and including, 1.6.12. This makes it possible for unauthenticated attackers to to delete arbitrary...
CVE-2025-7778
The CVE-2025-7778 entry concerns the Icons Factory WordPress plugin (versions up to and including 1.6.12). The vulnerability arises from missing authorization and improper path validation in delete_files(), enabling unauthenticated attackers to delete arbitrary server files (potentially including...
CVE-2025-7778 Icons Factory <= 1.6.12 - Missing Authorization to Unauthenticated Arbitrary File Deletion via delete_files() Function
The Icons Factory plugin for WordPress is vulnerable to Arbitrary File Deletion due to insufficient authorization and improper path validation within the deletefiles function in all versions up to, and including, 1.6.12. This makes it possible for unauthenticated attackers to to delete arbitrary...
WordPress plugin Icons Factory 授权问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An authorization issue...
PT-2025-33463 · WordPress · Icons Factory
Name of the Vulnerable Software and Affected Versions: Icons Factory plugin for WordPress versions up to and including 1.6.12 Description: The Icons Factory plugin for WordPress is vulnerable to Arbitrary File Deletion due to insufficient authorization and improper path validation within the dele...