8 matches found
WordPress WP01 - Path Traversal
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in wp01ru WP01 allows Path Traversal. This issue affects WP01: from n/a through 2.6.2. id: CVE-2025-30567 info: name: WordPress WP01 - Path Traversal author: s4e-io severity: high description: | Improper...
WordPress WP01 - Speed, Security, SEO consultant plugin <= 2.6.2 - Authenticated (Subscriber+) Arbitrary File Download vulnerability
WordPress WP01 - Speed, Security, SEO consultant plugin = 2.6.2 - Authenticated Subscriber+ Arbitrary File Download vulnerability discovered by theviper17y in WordPress Plugin WP01 versions = 2.6.2...
CVE-2025-2267
The WP01 plugin for WordPress is vulnerable to Arbitrary File Download in all versions up to, and including, 2.6.2 due to a missing capability check and insufficient restrictions on the makearchive function. This makes it possible for authenticated attackers, with Subscriber-level access and abov...
CVE-2025-2267
The WP01 plugin for WordPress is vulnerable to Arbitrary File Download in all versions up to, and including, 2.6.2 due to a missing capability check and insufficient restrictions on the makearchive function. This makes it possible for authenticated attackers, with Subscriber-level access and abov...
CVE-2025-2267
The WP01 plugin for WordPress is vulnerable to Arbitrary File Download in all versions up to, and including, 2.6.2 due to a missing capability check and insufficient restrictions on the makearchive function. This makes it possible for authenticated attackers, with Subscriber-level access and abov...
CVE-2025-2267 WP01 – Speed, Security, SEO consultant <= 2.6.2 - Authenticated (Subscriber+) Arbitrary File Download
The WP01 plugin for WordPress is vulnerable to Arbitrary File Download in all versions up to, and including, 2.6.2 due to a missing capability check and insufficient restrictions on the makearchive function. This makes it possible for authenticated attackers, with Subscriber-level access and abov...
CVE-2025-2267
CVE-2025-2267 affects the WP01 – Speed, Security, SEO consultant WordPress plugin. The vulnerability is an Arbitrary File Download in all versions up to 2.6.2, caused by a missing capability check and insufficient restrictions on the make_archive() function. This permits authenticated attackers w...
CVE-2025-2267 WP01 – Speed, Security, SEO consultant <= 2.6.2 - Authenticated (Subscriber+) Arbitrary File Download
The WP01 plugin for WordPress is vulnerable to Arbitrary File Download in all versions up to, and including, 2.6.2 due to a missing capability check and insufficient restrictions on the makearchive function. This makes it possible for authenticated attackers, with Subscriber-level access and abov...