CVE-2025-11692 | Zip Attachments Plugin up to 1.6 on WordPress download.php wp_upload_dir authorization

A vulnerability marked as critical has been reported in Zip Attachments Plugin up to 1.6 on WordPress. This issue affects the function wp_upload_dir of the file download.php. Performing manipulation results in missing authorization.

This vulnerability was named CVE-2025-11692. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More