CVE-2025-7846 — The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the save_fields() function in all versions up to, and includin — CVE Database · The Intelligence Room