VYPR

Zombify

by WordPress

CVEs (1)

  • CVE-2025-8385MedOct 31, 2025
    risk 0.44cvss 6.8epss 0.00

    The Zombify plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.7.5. This is due to insufficient input validation in the zf_get_file_by_url function. This makes it possible for authenticated attackers, with subscriber-level access and…