VYPR

Packagist (Composer) package

wpmetabox/meta-box

pkg:composer/wpmetabox/meta-box

Vulnerabilities (1)

  • CVE-2025-14675HigMar 7, 2026
    affected < 5.11.2fixed 5.11.2

    The Meta Box plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'ajax_delete_file' function in all versions up to, and including, 5.11.1. This makes it possible for authenticated attackers, with Contributor-level access a