cleantalk
Vulnerabilities and Security Researches

WP-LESS, CVE-2025-31550

CVE, Research URL

CVE-2025-31550

Home page URL

Security reports for WP-LESS

Application

WP-LESS

Published on
Apr 02, 2025
Research Description
Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in thom4 WP-LESS allows Retrieve Embedded Sensitive Data. This issue affects WP-LESS: from 1.9.3 through 3.
Affected versions
Min -, max 1.9.3-3.
Status
vulnerable
Previous vulnerability researches
Church Admin (CVE-2024-50438) , Oct 28, 2024
Church Admin (CVE-2024-37440) , Jul 02, 2024
Church Admin (CVE-2024-53795) , Dec 08, 2024
Church Admin (CVE-2025-26941) , Mar 28, 2025
Church Admin (CVE-2024-37418) , Jul 08, 2024
New vulnerability
AI Search Bar (CVE-2025-31563) , Apr 04, 2025
Ship Per Product (CVE-2025-31773) , Apr 04, 2025
ContentBot AI Writer (ChatGPT, GPT3, GPT4) (CVE-2025-31818) , Apr 04, 2025
Oracle Cards Lite (CVE-2025-30852) , Apr 04, 2025
SCSS WP Editor (CVE-2025-31808) , Apr 04, 2025