cleantalk
Vulnerabilities and Security Researches

Birth Chart Compatibility, CVE-2025-6082

CVE, Research URL

CVE-2025-6082

Home page URL

Security reports for Birth Chart Compatibility

Application

Birth Chart Compatibility

Published on
Jul 22, 2025
Research Description
The Birth Chart Compatibility plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0. This is due to insufficient protection against directly accessing the plugin's index.php file, which causes an error exposing the full path. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website.
Affected versions
Min -, max 2.0.
Status
vulnerable
Previous vulnerability researches
Custom Order Statuses for WooCommerce (CVE-2024-32524) , Jun 07, 2024
Custom Order Statuses for WooCommerce (CVE-2024-25930) , Jun 07, 2024
New vulnerability
CRM and Lead Management by vcita (CVE-2025-5240) , Jul 23, 2025
Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor (CVE-2025-4685) , Jul 23, 2025
Pixel Gallery Addons for Elementor – Easy Grid, Creative Gallery, Drag and Drop Grid, Custom Grid Layout, Portfolio Galle (CVE-2025-7644) , Jul 23, 2025
bSecure – Your Universal Checkout (CVE-2025-6187) , Jul 23, 2025
User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin (CVE-2025-6831) , Jul 23, 2025