Vulnerabilities and security researches forwptools wptools

Jun 07, 2024

CVE, Research URL: CVE-2022-3881
Home page URL: Security reports for WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascript errors, File Permissions, Transients, Error Log
Application: WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascript errors, File Permissions, Transients, Error Log
Date: Dec 12, 2022
Research Description: The WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascript errors, File Permissions, Transients, Error Log WordPress plugin before 3.43 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins from wordpress.org
Affected versions: Min -, max -.
Status: vulnerable

Jun 10, 2024

CVE, Research URL: CVE-2022-43453
Home page URL: Security reports for WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascript errors, File Permissions, Transients, Error Log
Application: WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascript errors, File Permissions, Transients, Error Log
Date: Jun 21, 2024
Research Description: Missing Authorization vulnerability in Bill Minozzi WP Tools.This issue affects WP Tools: from n/a through 3.41.
Affected versions: Min -, max -.
Status: vulnerable

Apr 17, 2025

CVE, Research URL: CVE-2025-39544
Home page URL: Security reports for WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascript errors, File Permissions, Transients, Error Log
Application: WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascript errors, File Permissions, Transients, Error Log
Date: Apr 16, 2025
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi WP Tools allows Path Traversal. This issue affects WP Tools: from n/a through 5.18.
Affected versions: Min -, max -.
Status: vulnerable