Vulnerabilities

CVE-2025-10162

by Fred · 07/10/2025

The Admin and Customer Messages After Order for WooCommerce: OrderConvo WordPress plugin before 14 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/download arbitrary files via a path traversal attack

More information : https://wpscan.com/vulnerability/f878615d-955d-4365-87e0-6c928f548986/

Similar

Tags: Cybersecurity Alert