Vulnerabilities

Breaking: CVE-2025-14829 - e-xact-hosted-payment <= 2.0 - unauthenticated arbitrary file deletion

2026-01-13 0 views admin
Breaking: CVE-2025-14829 - e-xact-hosted-payment <= 2.0 - unauthenticated arbitrary file deletion

CVE ID : CVE-2025-14829 Published : Jan. 13, 2026, 6:15 a.m. | 26 minutes ago Description : The E-xact | Hosted Payment | WordPress plugin through 2.0 is vulnerable to arbitrary file deletion due to insufficient file path validation. This makes it possible for unauthenticated attackers to delete arbitrary files on the server. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

Published
Jan. 13, 2026
Affected Product: WordPress

Source: Telegram CVE Monitor

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-14829wordpress

More from Vulnerabilities

CVE-2025-9427 - Admin reflected XSS - Guide

CVE-2025-9427 - Admin reflected XSS - Guide

2026-01-13 0
CVE-2025-14507 - EventPrime - Events Calendar, Bookings and Tickets <= 4.2.7.0 - unauthenticated

CVE-2025-14507 - EventPrime - Events Calendar, Bookings and Tickets <= 4.2.7.0 - unauthenticated

2026-01-13 0
CVE-2025-11669 - Broken Access Control

CVE-2025-11669 - Broken Access Control

2026-01-13 0
Update: CVE-2026-0880 - Sandbox escape due to integer overflow in the Graphics component

Update: CVE-2026-0880 - Sandbox escape due to integer overflow in the Graphics component

2026-01-13 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views