4 matches found
CVE-2025-3300
creationtimestamp| type| source ---|---|--- 2025-04-24 09:12:13+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13201 2025-04-24 13:03:42+00:00| seen| https://t.me/cvedetector/23658 2025-04-24 14:19:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnkvntgnrw2d 2026-04-08...
CVE-2025-3300 WPMasterToolKit (WPMTK) – All in one plugin <= 2.5.2 - Authenticated (Administrator+) to Arbitrary File Read and Write
The WPMasterToolKit WPMTK – All in one plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.5.2. This makes it possible for authenticated attackers, with Administrator-level access and above, to read and modify the contents of arbitrary files on...
CVE-2025-3300
CVE-2025-3300 affects the WordPress plugin WPMasterToolKit (WPMTK) up to version 2.5.2. A directory traversal flaw allows an authenticated attacker with Administrator-level access to read and modify arbitrary server files, exposing sensitive information. Mitigation/Remediation: upgrade to a versi...
WordPress WPMasterToolKit (WPMTK) – All in one plugin plugin <= 2.5.2 - Authenticated (Administrator+) to Arbitrary File Read and Write vulnerability
Authenticated Administrator+ to Arbitrary File Read and Write vulnerability discovered by nquangit in WordPress Plugin WPMasterToolKit versions = 2.5.2...