CVE-2025-3055 — The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_avatar_ajax() function in all versions up to, and includin — CVE Database · The Intelligence Room