CVE-2025-3065

Name of the Vulnerable Software and Affected Versions Database Toolset plugin versions 1.8.4 and earlier

Description The issue is related to insufficient file path validation in a function, allowing unauthenticated attackers to delete arbitrary files on the server. This can lead to remote code execution when the right file is deleted, such as wp-config.php.

Recommendations For versions 1.8.4 and earlier, update to version 1.8.5 to patch this critical issue. As a temporary workaround, consider restricting access to sensitive files on the server to minimize the risk of exploitation.