VYPR
Medium severity6.8NVD Advisory· Published Mar 26, 2026· Updated Apr 15, 2026

CVE-2025-15433

CVE-2025-15433

Description

The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server (such as wp-config.php) via a path traversal vector

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

1