Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-60227

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThimPress WP Pipes wp-pipes allows Path Traversal.This issue affects WP Pipes: from n/a through <= 1.4.3.

Published

2025-10-22T15:15:59.877

Last Modified

2025-11-26T14:48:36.480

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.6 (HIGH)

Weaknesses

Type: Secondary
CWE-22

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	thimpress	wp_pipes	≤ 1.4.3	Yes

References

https://vdp.patchstack.com/database/Wordpress/Plugin/wp-pipes/vulnerability/wordpress-wp-pipes-plugin-1-4-3-arbitrary-file-deletion-vulnerability?_s_id=cve Third Party Advisory ([email protected])