CVE-2025-6755
CVE-2025-6755 concerns the WordPress plugin “Game Users Share Buttons” where all versions up to 1.3.0 are vulnerable to arbitrary file deletion due to insufficient file path validation in ajaxDeleteTheme(). An attacker with Subscriber-level privileges can supply crafted values for the themeNameId...