16 matches found
CVE-2025-3701
Missing Authorization vulnerability in Malcure Web Security Malcure Malware Scanner wp-malware-removal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Malcure Malware Scanner: from n/a through = 16.8...
CVE-2025-3701
CVE-2025-3701 affects the WordPress plugin “Malcure Malware Scanner” (versions up to 16.8). The issue is a Missing Authorization vulnerability caused by incorrectly configured access control, enabling unauthorized access or actions. CVSSv3 base score is 4.3 (Medium). Public sources indicate the v...
CVE-2025-3701 WordPress Malcure Malware Scanner plugin <= 16.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in Malcure Web Security Malcure Malware Scanner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Malcure Malware Scanner: from n/a through 16.8...
WordPress Malcure Malware Scanner plugin <= 16.8 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by domiee13 Patchstack Alliance in WordPress Plugin Malcure Malware Scanner versions = 16.8...
PT-2025-35717
Name of the Vulnerable Software and Affected Versions: Malcure Malware Scanner versions n/a through 16.8 Description: A missing authorization flaw exists in Malcure Malware Scanner, allowing exploitation due to incorrectly configured access control security levels. Recommendations: At the moment,...
WordPress Malcure Malware Scanner plugin <= 16.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Read vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary File Read vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Malcure Malware Scanner versions = 16.8...
CVE-2025-6043
The Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Deletion due to a missing capability check on the wpmrdeletefile function in all versions up to, and including, 17.0. This makes it possible for authenticated attackers, with...
CVE-2025-7772
CVE-2025-7772 affects the WordPress plugin Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal (
CVE-2025-7772 Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal <= 16.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Read
The Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 16.8 via the wpmrinspectfile function due to a missing capability check. This makes it possible for authenticated attackers, with...
CVE-2025-7772 Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal <= 16.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Read
The Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 16.8 via the wpmrinspectfile function due to a missing capability check. This makes it possible for authenticated attackers, with...
PT-2025-30009 · WordPress · Malcure Malware Scanner
Name of the Vulnerable Software and Affected Versions: Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress versions prior to 16.9 Description: The Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary...
CVE-2025-6043
The Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Deletion due to a missing capability check on the wpmrdeletefile function in all versions up to, and including, 17.0. This makes it possible for authenticated attackers, with...
CVE-2025-6043 Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal <= 17.0 - Authenticated (Subscriber+) Arbitrary File Deletion
The Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Deletion due to a missing capability check on the wpmrdeletefile function in all versions up to, and including, 17.0. This makes it possible for authenticated attackers, with...
CVE-2025-6043
CVE-2025-6043 affects the Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal plugin up to version 16.8. The vulnerability is an authenticated Arbitrary File Deletion due to a missing capability check in wpmr_delete_file(), exploitable by subscribers and above, but only when advanc...
WordPress Malcure Malware Scanner plugin <= 17.0 - Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
Authenticated Subscriber+ Arbitrary File Deletion vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Malcure Malware Scanner versions = 17.0...
WordPress plugin Malcure Malware Scanner 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...