cleantalk
Vulnerabilities and Security Researches

WP Performance Pack, CVE-2025-28938

CVE, Research URL

CVE-2025-28938

Home page URL

Security reports for WP Performance Pack

Application

WP Performance Pack

Published on
Mar 12, 2025
Research Description
Missing Authorization vulnerability in Bjoern WP Performance Pack allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Performance Pack: from n/a through 2.5.3.
Affected versions
Min -, max 2.5.3.
Status
vulnerable
Previous vulnerability researches
WP Performance Pack (CVE-2025-28938) , Mar 13, 2025
New vulnerability
Business Directory Plugin – Easy Listing Directories for WordPress (CVE-2024-13887) , Mar 14, 2025
AppPresser – Mobile App Framework (CVE-2025-1561) , Mar 14, 2025
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2025-1119) , Mar 14, 2025
CRM and Lead Management by vcita (CVE-2024-13703) , Mar 14, 2025
WP Recipe Maker (CVE-2025-1503) , Mar 14, 2025