CVE-2025-7360 | HT Contact Form Widget Plugin up to 2.2.1 on WordPress handle_files_upload path traversal

July 14, 2025 Yanac

A vulnerability was found in HT Contact Form Widget Plugin up to 2.2.1 on WordPress. It has been rated as critical. Affected by this issue is the function handle_files_upload. The manipulation leads to path traversal.

This vulnerability is handled as CVE-2025-7360. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More

CVE-2025-7367 | Strong Testimonials Plugin up to 3.2.11 on WordPress cross site scripting
CVE-2025-7341 | HT Contact Form Widget Plugin up to 2.2.1 on WordPress temp_file_delete denial of service