CVE-2025-4659 – Salesforce WordPress Plugin Full Path Disclosure Vulnerability

May 30, 2025

CVE ID : CVE-2025-4659

Published : May 30, 2025, 6:15 a.m. | 3 hours, 21 minutes ago

Description : The Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.4.4. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5259 – WordPress Minimal Share Buttons Stored Cross-Site Scripting (XSS)

Next Article CVE-2025-48881 – Valtimo Object Management Configuration Information Disclosure

Report: 71% of tech leaders won’t hire devs without AI skills

Slack’s AI search now works across an organization’s entire knowledge base

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Too many open browser tabs? This is still my favorite solution – and has been for years

This new browser won’t monetize your every move – how to try it

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

The details of TC39’s last meeting

The details of TC39’s last meeting

Notes Android App Using SQLite

How to Get Security Patches for Legacy Unsupported Node.js Versions

KeySmith – SSH key management

KeySmith – SSH key management

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

CVE-2025-4659 – Salesforce WordPress Plugin Full Path Disclosure Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

Vpn-accounts op SonicWall-gateways sinds januari doelwit van aanvallen

CVE-2025-27007 – Brainstorm Force SureTriggers Privilege Escalation Vulnerability

CVE-2025-45984 – Blink Command Injection Vulnerability

CVE-2025-3973 – PHPGurukul COVID19 Testing Management System SQL Injection Vulnerability

Community News: Latest PECL Releases (06.10.2025)

Windows Snipping Tool Gets Smarter with New Text Extractor feature in Upcoming Update

This could be the versatile laptop accessory I’ve been waiting for — Here’s why it stands out from other portable monitors

CVE-2025-5488 – WordPress WP Masonry & Infinite Scroll Stored Cross-Site Scripting Vulnerability

CVE-2025-4659 – Salesforce WordPress Plugin Full Path Disclosure Vulnerability

Related Posts