Critical severity9.1NVD Advisory· Published Jan 13, 2026· Updated Apr 15, 2026
CVE-2025-14829
CVE-2025-14829
Description
The E-xact | Hosted Payment | WordPress plugin through 2.0 is vulnerable to arbitrary file deletion due to insufficient file path validation. This makes it possible for unauthenticated attackers to delete arbitrary files on the server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=2.0
- Range: <=2.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.