CVE-2025-11973 | 简数采集器 Plugin up to 2.6.3 on WordPress __kds_flag path traversal

November 21, 2025 Yanac

A vulnerability classified as critical has been found in 简数采集器 Plugin up to 2.6.3 on WordPress. Affected by this vulnerability is the function __kds_flag. This manipulation causes path traversal.

This vulnerability is tracked as CVE-2025-11973. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More

CVE-2025-11815 | UiPress Lite Plugin up to 3.5.08 on WordPress Setting uip_save_site_option authorization
CVE-2025-64656 | Microsoft Azure App Gateway out-of-bounds