2 matches found
CVE-2025-11705
CVE-2025-11705 affects the WordPress plugin Anti-Malware Security and Brute-Force Firewall (GOTMLS AJAX actions) with Arbitrary File Read via missing authorization, enabling authenticated Subscriber+ attackers to read arbitrary server files. A fix is available in version 4.23.83 (update to 4.23.8...
Anti-Malware Security and Brute-Force Firewall <= 4.23.81 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Read
Missing Authorization to Authenticated Subscriber+ Arbitrary File Read vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Anti-Malware Security and Brute-Force Firewall versions = 4.23.81...