What is CVE-2025-14868?

CVE-2025-14868 is a high-severity vulnerability in Shahinurislam Career Section, classified under Path Traversal. CVSS score: 8.8/10. Published 2026-04-16.

How severe is CVE-2025-14868?

High severity. CVSS v3 base score is 8.8 out of 10.

Path Traversal in Shahinurislam Career Section

CVE-2025-14868

The Career Section plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Path Traversal and Arbitrary File Deletion in all versions up to, and including, 1.6. This is due to missing nonce validation and insufficient f…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.000 (8.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Shahinurislam Career Section — versions 0

Weakness classification (CWE)

CWE-22 — Path Traversal

References

www.wordfence.com/threat-intel/vulnerabilities/id/84936b68-923a-4da1-ae67-1d63d…
plugins.trac.wordpress.org/changeset/3474216/career-section

Frequently asked questions

What is CVE-2025-14868?: CVE-2025-14868 is a high-severity vulnerability in Shahinurislam Career Section, classified under Path Traversal. CVSS score: 8.8/10. Published 2026-04-16.
How severe is CVE-2025-14868?: High severity. CVSS v3 base score is 8.8 out of 10.