VYPR

Attachment Manager

by WordPress

Source repositories

CVEs (1)

  • CVE-2025-7643CriJul 18, 2025
    risk 0.60cvss 9.1epss 0.01

    The Attachment Manager plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the handle_actions() function in all versions up to, and including, 2.1.2. This makes it possible for unauthenticated attackers to delete arbitrary…