How severe is CVE-2025-14829?

CVE-2025-14829 has a CVSS v3 score of 9.1 (CRITICAL).

CVE-2025-14829

9.1CRITICAL

The E-xact | Hosted Payment | WordPress plugin through 2.0 is vulnerable to arbitrary file deletion due to insufficient file path validation. This makes it possible for unauthenticated attackers to de

Veröffentlicht: 1/13/2026Aktualisiert: 1/13/2026

Beschreibung

The E-xact | Hosted Payment | WordPress plugin through 2.0 is vulnerable to arbitrary file deletion due to insufficient file path validation. This makes it possible for unauthenticated attackers to delete arbitrary files on the server.

KI-AnalyseKI-gestützt

Referenzen

https://wpscan.com/vulnerability/872569bc-16fb-427f-accc-147f284137cd/