VYPR

Icons Factory

by WordPress

Source repositories

CVEs (1)

  • CVE-2025-7778CriAug 15, 2025
    risk 0.64cvss 9.8epss 0.01

    The Icons Factory plugin for WordPress is vulnerable to Arbitrary File Deletion due to insufficient authorization and improper path validation within the delete_files() function in all versions up to, and including, 1.6.12. This makes it possible for unauthenticated attackers to…