2 matches found
CVE-2025-14301 Integration Opvius AI for WooCommerce <= 1.3.0 - Unauthenticated Arbitrary File Deletion/Read via Path Traversal
The Integration Opvius AI for WooCommerce plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.0. This is due to the processtablebulkactions function processing user-supplied file paths without authentication checks, nonce verification, or path validation...
CVE-2025-14301
CVE-2025-14301 – WordPress Integration Opvius AI for WooCommerce plugin is affected by a Path Traversal vulnerability in all versions up to 1.3.0. The flaw arises from the plugin’s process_table_bulk_actions() function, which handles user-supplied file paths without authentication checks, nonce v...