Security Advisory

CVE-2025-0818

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-13 03:42:04

Last updated 2026-04-08 17:20:11

Assigner Wordfence

State PUBLISHED

Description

Several WordPress plugins using elFinder versions 2.1.64 and prior are vulnerable to Directory Traversal in various versions. This makes it possible for unauthenticated attackers to delete arbitrary files. Successful exploitation of this vulnerability requires a site owner to explicitly make an instance of the file manager available to users.

← Browse all CVEs View on cve.org ↗