Vulnerabilities and security researches forwp-malware-removal wp-malware-removal
Direction: ascendingJun 14, 2025
Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal # 24596766a0adccfc0371fdbefc213380e7bbc7c5
- CVE, Research URL
- Home page URL
-
Security reports for Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal
- Date
- Jun 13, 2025
- Research Description
- Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal [wp-malware-removal] < 16.9 WordPress Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal Plugin <= 16.8 is vulnerable to Broken Access Control <p>WordPress Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal Plugin <= 16.8 is vulnerable to Broken Access Control</p><p>Software: Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal</p><p>Fixed in version 16.9 </p><p>Affected Version <= 16.8</p>
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Jul 19, 2025
Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal # CVE-2025-6043
- CVE, Research URL
- Home page URL
-
Security reports for Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal
- Date
- Jul 16, 2025
- Research Description
- The Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Deletion due to a missing capability check on the wpmr_delete_file() function in all versions up to, and including, 16.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files making remote code execution possible. This is only exploitable when advanced mode is enabled on the site.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable