Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2
Critical0
High1
Medium1
Reset
Showing 1-2 of 2 records
Threat Entry Updated 2025-07-22

CVE-2025-7772 - 1 Toolset For Wordpress Malware Removal Plugin

The Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 16.8 via the wpmr_inspect_file() function due to a missing capability check. This makes it possible for authenticated attackers, with subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.

PLUGIN 1 Toolset For Wordpress Malware Removal

CVE-2025-7772

MEDIUM CVSS 6.5 2025-07-18
Open Full Technical Breakdown
Threat Entry Updated 2025-07-16

CVE-2025-6043 - 1 Toolset For Wordpress Malware Removal Plugin

The Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Deletion due to a missing capability check on the wpmr_delete_file() function in all versions up to, and including, 16.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files making remote code execution possible. This is only exploitable when advanced mode is enabled on the site.

PLUGIN 1 Toolset For Wordpress Malware Removal

CVE-2025-6043

HIGH CVSS 8.1 2025-07-16
Open Full Technical Breakdown
Scroll to top