Skip to main content

Car Zone

1 CVEs product

Monthly

CVE-2025-69139 HIGH This Week

Arbitrary file deletion in the Car Zone WordPress theme (versions through 3.7) by Aivah Themes lets remote, unauthenticated attackers remove files on the underlying server through a path-traversal flaw. The CVSS:3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/A:H) reflects that file deletion crosses scope into the broader WordPress installation, enabling denial-of-service or forced reinstall scenarios. No public exploit identified at time of analysis and the CVE is not in CISA KEV.

Path Traversal Car Zone
NVD
CVSS 3.1
8.6
EPSS
0.5%
EPSS 1% CVSS 8.6
HIGH This Week

Arbitrary file deletion in the Car Zone WordPress theme (versions through 3.7) by Aivah Themes lets remote, unauthenticated attackers remove files on the underlying server through a path-traversal flaw. The CVSS:3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/A:H) reflects that file deletion crosses scope into the broader WordPress installation, enabling denial-of-service or forced reinstall scenarios. No public exploit identified at time of analysis and the CVE is not in CISA KEV.

Path Traversal Car Zone
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy