Security Advisory

CVE-2025-48158

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-20 08:03:31

Last updated 2026-04-28 16:12:52

Assigner Patchstack

State PUBLISHED

Description

Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in Alex Githatu BuddyPress XProfile Custom Image Field buddypress-xprofile-image-field allows Path Traversal.This issue affects BuddyPress XProfile Custom Image Field: from n/a through <= 3.0.1.

← Browse all CVEs View on cve.org ↗