cleantalk
Vulnerabilities and Security Researches

Memory Usage, Memory Limit, PHP and Server Memory Health Check and Provide Suggestions, CVE-2025-8104

CVE, Research URL

CVE-2025-8104

Home page URL

Security reports for Memory Usage, Memory Limit, PHP and Server Memory Health Check and Provide Suggestions

Application

Memory Usage, Memory Limit, PHP and Server Memory Health Check and Provide Suggestions

Published on
Jul 27, 2025
Research Description
The Memory Usage plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.98. This is due to missing nonce validation in the wpmemory_install_plugin() function. This makes it possible for unauthenticated attackers to silently install one of the several whitelisted plugins via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions
Min -, max 3.99.
Status
vulnerable
Previous vulnerability researches
Flow-Flow Social Feed Stream (f323f92085eab76ce72ef3e953ee307aa7c527e3) , Jun 07, 2024
New vulnerability
Brizy – Page Builder (CVE-2025-4370) , Jul 29, 2025
Thumbnail carousel slider (CVE-2015-10144) , Jul 29, 2025
Memory Usage, Memory Limit, PHP and Server Memory Health Check and Provide Suggestions (CVE-2025-8104) , Jul 29, 2025
Ebook Store (CVE-2025-7437) , Jul 29, 2025
Geo Mashup (CVE-2025-48293) , Jul 29, 2025