CVE-2025-11973

The 简数采集器 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.6.3 via the kdsflag functionality that imports featured images. This makes it possible for authenticated attackers, with Adminstrator-level access and above, to read the contents of arbitra...

CVE-2025-11973

CVE-2025-11973 : The WordPress plugin 简数采集器 (Keydatas) is vulnerable to Arbitrary File Read in all versions up to and including 2.6.3 via the __kds_flag functionality that imports featured images. Authentication level required: Administrator+ or higher. Impact per sources: reading arbitrary serve...

CVE-2025-11973 简数采集器 <= 2.6.3 - Authenticated (Admin+) Arbitrary File Read

The 简数采集器 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.6.3 via the kdsflag functionality that imports featured images. This makes it possible for authenticated attackers, with Adminstrator-level access and above, to read the contents of arbitra...

WordPress plugin 简数采集器 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...