4 matches found
WordPress BitFire plugin <= 4.5 - Unauthenticated Information Exposure vulnerability
Unauthenticated Information Exposure vulnerability discovered by Aurélien BOURDOIS Elymaro in WordPress Plugin BitFire Security versions = 4.5...
CVE-2025-6722
creationtimestamp| type| source ---|---|--- 2025-08-02 13:26:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvgbctdvf226...
CVE-2025-6722 BitFire <= 4.5 - Unauthenticated Information Exposure
The BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5 via the bitfire directory that automatically gets created and stores potentially sensitive files without any access...
CVE-2025-6722
CVE-2025-6722 – BitFire Security plugin for WordPress is an unauthenticated information exposure vulnerability affecting BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security plugin versions up to 4.5. The issue stems from a self-created bitfire_* directory that stores potentially se...