Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-3104

The WP STAGING Pro WordPress Backup Plugin for WordPress is vulnerable to Information Exposure in all versions up to and including 6.1.2 due to missing capability checks on the getOutdatedPluginsRequest() function. This makes it possible for unauthenticated attackers to reveal outdated installed active or inactive plugins.

Published

2025-04-16T09:15:28.030

Last Modified

2025-04-16T13:25:37.340

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-200

Affected Vendors & Products

References

https://wp-staging.com/wp-staging-pro-changelog/ ([email protected])
https://www.wordfence.com/threat-intel/vulnerabilities/id/572e290e-9324-4c17-8c3b-fa67233b15c4?source=cve ([email protected])