CVE-2025-15470

The Eleganzo theme for WordPress is vulnerable to arbitrary directory deletion due to insufficient path validation in the akdrequiredplugincallback function in all versions up to, and including, 1.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...

CVE-2025-15470

The CVE describes an arbitrary directory deletion vulnerability in the Eleganzo WordPress theme (versions

CVE-2025-15470 Eleganzo <= 1.2 - Authenticated (Subscriber+) Arbitrary Directory Deletion

The Eleganzo theme for WordPress is vulnerable to arbitrary directory deletion due to insufficient path validation in the akdrequiredplugincallback function in all versions up to, and including, 1.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...

WordPress Classified Pro plugin Unauthorized Plugin Installation Vulnerability

WordPress Classified Pro plugin is a plugin for quickly creating a classified ad section on a WordPress website, supporting different scenarios of listings management such as automotive, second-hand trading, etc., and providing features such as searching, ad space configuration, and text...