What is CVE-2025-4828?

CVE-2025-4828 is a critical-severity vulnerability in Schiocco Support Board, classified under Path Traversal. CVSS score: 9.8/10. Published 2025-07-08.

How severe is CVE-2025-4828?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Path Traversal in Schiocco Support Board

CVE-2025-4828

The Support Board plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the sb_file_delete function in all versions up to, and including, 3.8.0. This makes it possible for attackers to de…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.086 (92.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Schiocco Support Board — versions 0

Weakness classification (CWE)

CWE-22 — Path Traversal

References

www.wordfence.com/threat-intel/vulnerabilities/id/33989611-8640-4c33-a34e-14f10…
codecanyon.net/item/support-board-help-desk-and-chat/20359943

Frequently asked questions

What is CVE-2025-4828?: CVE-2025-4828 is a critical-severity vulnerability in Schiocco Support Board, classified under Path Traversal. CVSS score: 9.8/10. Published 2025-07-08.
How severe is CVE-2025-4828?: Critical severity. CVSS v3 base score is 9.8 out of 10.