Vulnerabilities and security researches forwp-memory wp-memory

Jul 29, 2025

CVE, Research URL: CVE-2025-8104
Home page URL: Security reports for Memory Usage, Memory Limit, PHP and Server Memory Health Check and Provide Suggestions
Application: Memory Usage, Memory Limit, PHP and Server Memory Health Check and Provide Suggestions
Date: Jul 27, 2025
Research Description: The Memory Usage plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.98. This is due to missing nonce validation in the wpmemory_install_plugin() function. This makes it possible for unauthenticated attackers to silently install one of the several whitelisted plugins via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions: Min -, max -.
Status: vulnerable

Jun 07, 2024

CVE, Research URL: CVE-2022-3882
Home page URL: Security reports for Memory Usage, Memory Limit, PHP and Server Memory Health Check and Provide Suggestions
Application: Memory Usage, Memory Limit, PHP and Server Memory Health Check and Provide Suggestions
Date: Dec 12, 2022
Research Description: The Memory Usage, Memory Limit, PHP and Server Memory Health Check and Fix Plugin WordPress plugin before 2.46 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins from wordpress.org
Affected versions: Min -, max -.
Status: vulnerable