VYPR

Jkdevkit

by WordPress

CVEs (1)

  • CVE-2025-2932HigJul 3, 2025
    risk 0.57cvss 8.8epss 0.01

    The JKDEVKIT plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'font_upload_handler' function in all versions up to, and including, 1.9.4. This makes it possible for authenticated attackers, with Subscriber-level access…