EUVD-2026-15709

| CVE-2026-25397 HIGH
2026-03-25 Patchstack
7.5
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 25, 2026 - 16:47 vuln.today
EUVD ID Assigned
Mar 25, 2026 - 16:47 euvd
EUVD-2026-15709
CVE Published
Mar 25, 2026 - 16:14 nvd
HIGH 7.5

Tags

Path Traversal WordPress

Description

Path Traversal: '.../...//' vulnerability in Snowray Software File Uploader for WooCommerce file-uploader-for-woocommerce allows Path Traversal.This issue affects File Uploader for WooCommerce: from n/a through <= 1.0.4.

Analysis

Path traversal in Snowray Software's File Uploader for WooCommerce plugin (versions up to 1.0.4) enables unauthenticated remote attackers to access arbitrary files on affected WordPress installations through directory traversal sequences. Successful exploitation could result in disclosure of sensitive data, modification of website content, or service disruption. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Remediation

Within 7 days: Identify all affected systems and apply vendor patches promptly. Monitor vendor channels for patch availability.

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

38
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +38
POC: 0

Share

EUVD-2026-15709 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy