Lucene search
K

16 matches found

NVD
NVD
added 2025/09/03 1:15 p.m.7 views

CVE-2025-3701

Missing Authorization vulnerability in Malcure Web Security Malcure Malware Scanner wp-malware-removal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Malcure Malware Scanner: from n/a through = 16.8...

4.3CVSS0.00196EPSS
Exploits0References1
CVE
CVE
added 2025/09/03 12:50 p.m.16 views

CVE-2025-3701

CVE-2025-3701 affects the WordPress plugin “Malcure Malware Scanner” (versions up to 16.8). The issue is a Missing Authorization vulnerability caused by incorrectly configured access control, enabling unauthorized access or actions. CVSSv3 base score is 4.3 (Medium). Public sources indicate the v...

4.3CVSS5.9AI score0.00196EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/03 12:50 p.m.4 views

CVE-2025-3701 WordPress Malcure Malware Scanner plugin <= 16.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Malcure Web Security Malcure Malware Scanner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Malcure Malware Scanner: from n/a through 16.8...

4.3CVSS6.5AI score0.00196EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/03 12:46 p.m.7 views

WordPress Malcure Malware Scanner plugin <= 16.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by domiee13 Patchstack Alliance in WordPress Plugin Malcure Malware Scanner versions = 16.8...

4.3CVSS6.8AI score0.00196EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/03 12:0 a.m.5 views

PT-2025-35717

Name of the Vulnerable Software and Affected Versions: Malcure Malware Scanner versions n/a through 16.8 Description: A missing authorization flaw exists in Malcure Malware Scanner, allowing exploitation due to incorrectly configured access control security levels. Recommendations: At the moment,...

4.3CVSS6.1AI score0.00196EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/07/18 10:13 a.m.18 views

WordPress Malcure Malware Scanner plugin <= 16.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Read vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary File Read vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Malcure Malware Scanner versions = 16.8...

6.5CVSS6.7AI score0.00309EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/07/18 7:3 a.m.10 views

CVE-2025-6043

The Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Deletion due to a missing capability check on the wpmrdeletefile function in all versions up to, and including, 17.0. This makes it possible for authenticated attackers, with...

8.1CVSS6.6AI score0.00537EPSS
Exploits0References1
CVE
CVE
added 2025/07/18 6:45 a.m.24 views

CVE-2025-7772

CVE-2025-7772 affects the WordPress plugin Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal (

6.5CVSS6.1AI score0.00309EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/18 6:45 a.m.21 views

CVE-2025-7772 Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal <= 16.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Read

The Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 16.8 via the wpmrinspectfile function due to a missing capability check. This makes it possible for authenticated attackers, with...

6.5CVSS6.6AI score0.00309EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/18 6:45 a.m.9 views

CVE-2025-7772 Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal <= 16.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Read

The Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 16.8 via the wpmrinspectfile function due to a missing capability check. This makes it possible for authenticated attackers, with...

6.5CVSS0.00309EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/18 12:0 a.m.3 views

PT-2025-30009 · WordPress · Malcure Malware Scanner

Name of the Vulnerable Software and Affected Versions: Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress versions prior to 16.9 Description: The Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary...

6.5CVSS6AI score0.00309EPSS
Exploits0References7
NVD
NVD
added 2025/07/16 7:15 a.m.4 views

CVE-2025-6043

The Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Deletion due to a missing capability check on the wpmrdeletefile function in all versions up to, and including, 17.0. This makes it possible for authenticated attackers, with...

8.1CVSS0.00537EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/16 6:40 a.m.7 views

CVE-2025-6043 Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal <= 17.0 - Authenticated (Subscriber+) Arbitrary File Deletion

The Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Deletion due to a missing capability check on the wpmrdeletefile function in all versions up to, and including, 17.0. This makes it possible for authenticated attackers, with...

8.1CVSS0.00537EPSS
Exploits0References4
CVE
CVE
added 2025/07/16 6:40 a.m.26 views

CVE-2025-6043

CVE-2025-6043 affects the Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal plugin up to version 16.8. The vulnerability is an authenticated Arbitrary File Deletion due to a missing capability check in wpmr_delete_file(), exploitable by subscribers and above, but only when advanc...

8.1CVSS6.6AI score0.00537EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/07/16 4:10 a.m.6 views

WordPress Malcure Malware Scanner plugin <= 17.0 - Authenticated (Subscriber+) Arbitrary File Deletion vulnerability

Authenticated Subscriber+ Arbitrary File Deletion vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Malcure Malware Scanner versions = 17.0...

8.1CVSS6.8AI score0.00537EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/07/16 12:0 a.m.2 views

WordPress plugin Malcure Malware Scanner 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

8.1CVSS6.4AI score0.00537EPSS
Exploits0References4
Rows per page
Query Builder