cleantalk
Vulnerabilities and Security Researches

WP Wallcreeper, CVE-2025-7822

CVE, Research URL

CVE-2025-7822

Home page URL

Security reports for WP Wallcreeper

Application

WP Wallcreeper

Published on
Jul 24, 2025
Research Description
The WP Wallcreeper plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the admin_notices hook in all versions up to, and including, 1.6.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to enable and disable caching.
Affected versions
Min -, max 1.6.1.
Status
vulnerable
Previous vulnerability researches
WP Wallcreeper (CVE-2025-7822) , Jul 26, 2025
New vulnerability
Frontend File Manager Plugin (CVE-2023-7306) , Jul 27, 2025
Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition (CVE-2025-6441) , Jul 27, 2025
Timber (CVE-2024-45411) , Jul 27, 2025
Advanced iFrame (CVE-2025-6987) , Jul 27, 2025
ReachShip WooCommerce Multi-Carrier & Conditional Shipping (CVE-2025-53213) , Jul 27, 2025