Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-3300

The WPMasterToolKit (WPMTK) – All in one plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.5.2. This makes it possible for authenticated attackers, with Administrator-level access and above, to read and modify the contents of arbitrary files on the server, which can contain sensitive information.

Published

2025-04-24T09:15:31.203

Last Modified

2025-04-29T13:52:47.470

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 7.2 (HIGH)

Weaknesses

Type: Secondary
CWE-22

Affected Vendors & Products

References

https://wordpress.org/plugins/wpmastertoolkit/ ([email protected])
https://www.wordfence.com/threat-intel/vulnerabilities/id/c389ba1a-45c5-4fba-9b99-0713fe39da42?source=cve ([email protected])