6 matches found
CVE-2025-2267
The WP01 plugin for WordPress is vulnerable to Arbitrary File Download in all versions up to, and including, 2.6.2 due to a missing capability check and insufficient restrictions on the makearchive function. This makes it possible for authenticated attackers, with Subscriber-level access and abov...
CVE-2025-2267
The WP01 plugin for WordPress is vulnerable to Arbitrary File Download in all versions up to, and including, 2.6.2 due to a missing capability check and insufficient restrictions on the makearchive function. This makes it possible for authenticated attackers, with Subscriber-level access and abov...
CVE-2025-2267
creationtimestamp| type| source ---|---|--- 2025-03-15 03:49:04+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7657 2025-03-15 04:56:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkfdkxqzon2x 2025-03-15 06:55:43+00:00| seen| https://t.me/cvedetector/20354...
CVE-2025-2267 WP01 – Speed, Security, SEO consultant <= 2.6.2 - Authenticated (Subscriber+) Arbitrary File Download
The WP01 plugin for WordPress is vulnerable to Arbitrary File Download in all versions up to, and including, 2.6.2 due to a missing capability check and insufficient restrictions on the makearchive function. This makes it possible for authenticated attackers, with Subscriber-level access and abov...
CVE-2025-2267
CVE-2025-2267 affects the WP01 – Speed, Security, SEO consultant WordPress plugin. The vulnerability is an Arbitrary File Download in all versions up to 2.6.2, caused by a missing capability check and insufficient restrictions on the make_archive() function. This permits authenticated attackers w...
CVE-2025-2267 WP01 – Speed, Security, SEO consultant <= 2.6.2 - Authenticated (Subscriber+) Arbitrary File Download
The WP01 plugin for WordPress is vulnerable to Arbitrary File Download in all versions up to, and including, 2.6.2 due to a missing capability check and insufficient restrictions on the makearchive function. This makes it possible for authenticated attackers, with Subscriber-level access and abov...