CVE-2025-7772 – “WordPress Malware Removal Plugin Arbitrary File Read Vulnerability”

July 18, 2025

CVE ID : CVE-2025-7772

Published : July 18, 2025, 7:15 a.m. | 3 hours, 42 minutes ago

Description : The Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 16.8 via the wpmr_inspect_file() function due to a missing capability check. This makes it possible for authenticated attackers, with subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-27779 – FortiSandbox FortiIsolator Insufficient Session Expiration Vulnerability

Next Article CVE-2025-7438 – MasterStudy LMS Pro WordPress Arbitrary File Upload Vulnerability

Highlights

CVE-2025-5699 – WordPress Developer Formatter Stored Cross-Site Scripting Vulnerability

June 6, 2025

CVE ID : CVE-2025-5699

Published : June 6, 2025, 7:15 a.m. | 33 minutes ago

Description : The Developer Formatter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom CSS in all versions up to, and including, 2015.0.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The state of DevOps and AI: Not just hype

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Look out, Meta Ray-Bans! These AI glasses just raised over $1M in pre-orders in 3 days

Samsung ‘Galaxy Glasses’ powered by Android XR are reportedly on track to be unveiled this month

The M4 iPad Pro is discounted $100 as a last-minute Labor Day deal

Distribution Release: Linux From Scratch 12.4

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

August report 2025

Fake News Detection using Python Machine Learning (ML)

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Download Transcribe! for Windows

Microsoft Fixes CertificateServicesClient (CertEnroll) Error in Windows 11

CVE-2025-7772 – “WordPress Malware Removal Plugin Arbitrary File Read Vulnerability”

Hacker suspected of trying to cheat his way into university is arrested in Spain

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

50+ Best Branding Identity Mockup Templates for Designers

CVE-2025-52463 – Active! Mail CSRF Email Sending

etcd – distributed reliable key-value store

Netflix Tudum Architecture: from CQRS with Kafka to CQRS with RAW Hollow

CVE-2025-5699 – WordPress Developer Formatter Stored Cross-Site Scripting Vulnerability

CVE-2025-7384 – “Elementor Forms PHP Object Injection Vulnerability”

Affordable 4o Image API for Fast Image Generation

I’ve got my eye on this Kindle Essentials bundle deal during Amazon Prime Day (and its price dropped lower)

CVE-2025-7772 – “WordPress Malware Removal Plugin Arbitrary File Read Vulnerability”

Related Posts