Search criteria
4 vulnerabilities by WHMPress
CVE-2025-39491 (GCVE-0-2025-39491)
Vulnerability from cvelistv5 – Published: 2025-05-16 15:45 – Updated: 2025-05-16 16:20
VLAI?
Title
WordPress WHMpress plugin <= 6.2-revision-9 - Local File Inclusion vulnerability
Summary
Path Traversal vulnerability in WHMPress WHMpress allows Path Traversal. This issue affects WHMpress: from 6.2 through revision.
Severity ?
8.1 (High)
CWE
- CWE-35 - Path Traversal
Assigner
References
| URL | Tags | |
|---|---|---|
Credits
Bonds (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-39491",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-16T16:20:01.725788Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T16:20:07.638Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://codecanyon.net",
"defaultStatus": "unaffected",
"packageName": "whmpress",
"product": "WHMpress",
"vendor": "WHMPress",
"versions": [
{
"lessThanOrEqual": "revision",
"status": "affected",
"version": "6.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Bonds (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003ePath Traversal vulnerability in WHMPress WHMpress allows Path Traversal.\u003c/p\u003e\u003cp\u003eThis issue affects WHMpress: from 6.2 through revision.\u003c/p\u003e"
}
],
"value": "Path Traversal vulnerability in WHMPress WHMpress allows Path Traversal. This issue affects WHMpress: from 6.2 through revision."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35 Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T15:45:26.153Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/whmpress/vulnerability/wordpress-whmpress-plugin-6-2-revision-9-local-file-inclusion-vulnerability-2?_s_id=cve"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress WHMpress plugin \u003c= 6.2-revision-9 - Local File Inclusion vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-39491",
"datePublished": "2025-05-16T15:45:26.153Z",
"dateReserved": "2025-04-16T06:23:58.700Z",
"dateUpdated": "2025-05-16T16:20:07.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-39492 (GCVE-0-2025-39492)
Vulnerability from cvelistv5 – Published: 2025-05-16 15:45 – Updated: 2025-05-16 16:20
VLAI?
Title
WordPress WHMpress plugin <= 6.2-revision-9 - Local File Inclusion vulnerability
Summary
Path Traversal vulnerability in WHMPress WHMpress allows Relative Path Traversal. This issue affects WHMpress: from 6.2 through revision.
Severity ?
7.5 (High)
CWE
- CWE-35 - Path Traversal
Assigner
References
| URL | Tags | |
|---|---|---|
Credits
Bonds (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-39492",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-16T16:20:17.532183Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T16:20:22.027Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://codecanyon.net",
"defaultStatus": "unaffected",
"packageName": "whmpress",
"product": "WHMpress",
"vendor": "WHMPress",
"versions": [
{
"lessThanOrEqual": "revision",
"status": "affected",
"version": "6.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Bonds (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003ePath Traversal vulnerability in WHMPress WHMpress allows Relative Path Traversal.\u003c/p\u003e\u003cp\u003eThis issue affects WHMpress: from 6.2 through revision.\u003c/p\u003e"
}
],
"value": "Path Traversal vulnerability in WHMPress WHMpress allows Relative Path Traversal. This issue affects WHMpress: from 6.2 through revision."
}
],
"impacts": [
{
"capecId": "CAPEC-139",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-139 Relative Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35 Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T15:45:25.612Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/whmpress/vulnerability/wordpress-whmpress-plugin-6-2-revision-9-local-file-inclusion-vulnerability?_s_id=cve"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress WHMpress plugin \u003c= 6.2-revision-9 - Local File Inclusion vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-39492",
"datePublished": "2025-05-16T15:45:25.612Z",
"dateReserved": "2025-04-16T06:23:58.700Z",
"dateUpdated": "2025-05-16T16:20:22.027Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9195 (GCVE-0-2024-9195)
Vulnerability from cvelistv5 – Published: 2025-02-28 08:23 – Updated: 2025-02-28 14:47
VLAI?
Title
WHMPress - WHMCS Client Area <= 4.3-revision-3- Authenticated (Subscriber+) Arbitrary Options Update
Summary
The WHMPress - WHMCS Client Area plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the update_settings case in the /admin/ajax.php file in all versions up to, and including, 4.3-revision-3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.
Severity ?
8.8 (High)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| creativeon | WHMCS Client Area for WordPress by WHMpress |
Affected:
* , ≤ 4.3-revision-3
(semver)
|
Credits
Tonn
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9195",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-28T14:47:12.402011Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T14:47:37.307Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WHMCS Client Area for WordPress by WHMpress",
"vendor": "creativeon",
"versions": [
{
"lessThanOrEqual": "4.3-revision-3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tonn"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WHMPress - WHMCS Client Area plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the update_settings case in the /admin/ajax.php file in all versions up to, and including, 4.3-revision-3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T08:23:18.568Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c8af0c5c-3d7b-416d-9d10-6867fcf909a5?source=cve"
},
{
"url": "https://codecanyon.net/item/whmcs-client-area-whmpress-addon/11218646"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-27T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "WHMPress - WHMCS Client Area \u003c= 4.3-revision-3- Authenticated (Subscriber+) Arbitrary Options Update"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-9195",
"datePublished": "2025-02-28T08:23:18.568Z",
"dateReserved": "2024-09-25T21:14:08.943Z",
"dateUpdated": "2025-02-28T14:47:37.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9193 (GCVE-0-2024-9193)
Vulnerability from cvelistv5 – Published: 2025-02-28 08:23 – Updated: 2025-02-28 13:27
VLAI?
Title
WHMpress <= 6.3-revision-0 - Unauthenticated Local File Inclusion to Arbitrary Options Update
Summary
The WHMpress - WHMCS WordPress Integration Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 6.3-revision-0 via the whmpress_domain_search_ajax_extended_results() function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site. Utilizing the /admin/services.php file, this can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.
Severity ?
9.8 (Critical)
CWE
- CWE-98 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| creativeon | WHMpress - WHMCS WordPress Integration Plugin |
Affected:
* , ≤ 6.3-revision-0
(semver)
|
Credits
Tonn
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9193",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-28T13:25:46.641360Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T13:27:05.710Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WHMpress - WHMCS WordPress Integration Plugin",
"vendor": "creativeon",
"versions": [
{
"lessThanOrEqual": "6.3-revision-0",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tonn"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WHMpress - WHMCS WordPress Integration Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 6.3-revision-0 via the whmpress_domain_search_ajax_extended_results() function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site. Utilizing the /admin/services.php file, this can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-98",
"description": "CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program (\u0027PHP Remote File Inclusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T08:23:16.275Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5f3b0e75-d2f0-48b7-ba33-75c4e998030e?source=cve"
},
{
"url": "https://whmpress.com/docs/change-log/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-27T19:59:20.000+00:00",
"value": "Disclosed"
}
],
"title": "WHMpress \u003c= 6.3-revision-0 - Unauthenticated Local File Inclusion to Arbitrary Options Update"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-9193",
"datePublished": "2025-02-28T08:23:16.275Z",
"dateReserved": "2024-09-25T21:06:08.977Z",
"dateUpdated": "2025-02-28T13:27:05.710Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}