CVE-2025-7772 – “WordPress Malware Removal Plugin Arbitrary File Read Vulnerability”

July 18, 2025

CVE ID : CVE-2025-7772

Published : July 18, 2025, 7:15 a.m. | 3 hours, 42 minutes ago

Description : The Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 16.8 via the wpmr_inspect_file() function due to a missing capability check. This makes it possible for authenticated attackers, with subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-27779 – FortiSandbox FortiIsolator Insufficient Session Expiration Vulnerability

Next Article CVE-2025-7438 – MasterStudy LMS Pro WordPress Arbitrary File Upload Vulnerability

Highlights

CVE-2025-20284 – Cisco ISE/PIC Root Execution Remote Command Injection

July 16, 2025

CVE ID : CVE-2025-20284

Published : July 16, 2025, 5:15 p.m. | 1 hour, 28 minutes ago

Description : A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as root.

This vulnerability is due to insufficient validation of user-supplied input. An attacker with valid credentials could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, the attacker must have valid high-privileged credentials.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

Report: 71% of tech leaders won’t hire devs without AI skills

My favorite lens and screen-cleaning kit keeps my tech spotless, and it only costs $8

AI’s biggest impact on your workforce is still to come – 3 ways to avoid getting left behind

Remedy offers update on ‘FBC: Firebreak,’ details coming improvements — “We’ve seen many players come into the game and leave within the first hour.”

I ran with Samsung’s Galaxy Watch 8 Classic, and it both humbled and motivated me

The details of TC39’s last meeting

The details of TC39’s last meeting

Online Examination System using PHP and MySQL

A tricky, educational quiz: it’s about time..

CAD Sketcher – constraint-based geometry sketcher

CAD Sketcher – constraint-based geometry sketcher

7 Best Free and Open Source Linux FTP Servers

Best Free and Open Source Alternatives to Autodesk FBX Review

CVE-2025-7772 – “WordPress Malware Removal Plugin Arbitrary File Read Vulnerability”

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

This smart planter uses NASA tech to harvest vegetables at home – my buying advice after 45 days

RFP Templates and Guidebook

This acclaimed new game could be the next Balatro-style hit, and you can get it at a huge discount

CVE-2025-32964 – ManageWiki Extension Privilege Escalation Vulnerability

CVE-2025-20284 – Cisco ISE/PIC Root Execution Remote Command Injection

CVE-2025-22462 – Ivanti Neurons for ITSM Authentication Bypass Vulnerability

CVE-2025-27525 – Hitachi JP1/IT Desktop Management 2 – Smart Device Manager Windows Information Exposure Vulnerability

I thought my favorite browser blocked trackers but this free privacy tool proved me wrong

CVE-2025-7772 – “WordPress Malware Removal Plugin Arbitrary File Read Vulnerability”

Related Posts