Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/03/17 4:6 a.m.22 views

CVE-2025-2267

The WP01 plugin for WordPress is vulnerable to Arbitrary File Download in all versions up to, and including, 2.6.2 due to a missing capability check and insufficient restrictions on the makearchive function. This makes it possible for authenticated attackers, with Subscriber-level access and abov...

6.5CVSS7.4AI score0.00327EPSS
Exploits0References1
NVD
NVD
added 2025/03/15 4:15 a.m.38 views

CVE-2025-2267

The WP01 plugin for WordPress is vulnerable to Arbitrary File Download in all versions up to, and including, 2.6.2 due to a missing capability check and insufficient restrictions on the makearchive function. This makes it possible for authenticated attackers, with Subscriber-level access and abov...

6.5CVSS0.00327EPSS
Exploits0References3
Circl
Circl
added 2025/03/15 3:49 a.m.19 views

CVE-2025-2267

creationtimestamp| type| source ---|---|--- 2025-03-15 03:49:04+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7657 2025-03-15 04:56:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkfdkxqzon2x 2025-03-15 06:55:43+00:00| seen| https://t.me/cvedetector/20354...

6.5CVSS8.7AI score0.00327EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/15 3:23 a.m.8 views

CVE-2025-2267 WP01 – Speed, Security, SEO consultant <= 2.6.2 - Authenticated (Subscriber+) Arbitrary File Download

The WP01 plugin for WordPress is vulnerable to Arbitrary File Download in all versions up to, and including, 2.6.2 due to a missing capability check and insufficient restrictions on the makearchive function. This makes it possible for authenticated attackers, with Subscriber-level access and abov...

6.5CVSS7.4AI score0.00327EPSS
Exploits0References3
CVE
CVE
added 2025/03/15 3:23 a.m.81 views

CVE-2025-2267

CVE-2025-2267 affects the WP01 – Speed, Security, SEO consultant WordPress plugin. The vulnerability is an Arbitrary File Download in all versions up to 2.6.2, caused by a missing capability check and insufficient restrictions on the make_archive() function. This permits authenticated attackers w...

6.5CVSS7.3AI score0.00327EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/03/15 3:23 a.m.43 views

CVE-2025-2267 WP01 – Speed, Security, SEO consultant <= 2.6.2 - Authenticated (Subscriber+) Arbitrary File Download

The WP01 plugin for WordPress is vulnerable to Arbitrary File Download in all versions up to, and including, 2.6.2 due to a missing capability check and insufficient restrictions on the makearchive function. This makes it possible for authenticated attackers, with Subscriber-level access and abov...

6.5CVSS0.00327EPSS
Exploits0References3
Rows per page
Query Builder