WordPress Malware Scanner Plugin Contains Vulnerability

Jul 16, 2025 | SEO News Feeds | 0 comments

Wordpress Malware Scanner Plugin Contains Vulnerability.jpg



SEO Content Writing Service

Wordfence published an advisory on the WordPress Malcure Malware Scanner plugin, which was discovered to have a vulnerability rated at a severity level of 8.1. At the time of publishing, there is no patch to fix the problem.

Screenshot Showing 8.1 Severity Rating

Malcure Malware Scanner Vulnerability

The Malcure Malware Scanner plugin, installed on over 10,000 WordPress websites, is vulnerable to “Arbitrary File Deletion due to a missing capability check on the wpmr_delete_file() function” by authenticated attackers. The fact that an attacker needs authentication as a user makes it a little less likely for it to be exploited, however not by much because it only requires subscriber level authentication, which is the lowest level of authentication. The “subscriber” role is the default level of registration on a WordPress website (if registration is allowed).

According to Wordfence:

“This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files making remote code execution possible. This is only exploitable when advanced mode is enabled on the site.”

There is no known patch available for the plugin and users are cautioned to take necessary actions such as uninstalling the plugin to mitigate risk.

The plugin is currently unavailable for download with a notice showing that it is under review.

Screenshot Of Malcure Plugin At WordPress Repository

Read More WordPress News

WordPress Update 6.8.2 – Ends Security Support For 0.9% of Sites

Featured Image by Shutterstock/Kues

 

Attorney Websites For Sale 4ebusiness Media Group

Source link


Anxiety Stress Management

Live a Life of Contentment eBook We all want to be satisfied, even though we know some people who will never be that way, and others who see satisfaction as a foreign emotion that they can’t hope to ever feel.

Newspaper Ads Canyon Crest CA

Click To See Full Page Ads

Click To See Half Page Ads

Click To See Quarter Page Ads

Click To See Business Card Size Ads

If you have questions before you order, give me a call @ 951-235-3518 or email @ canyoncrestnewspaper@gmail.com Like us on Facebook Here

You May Also Like

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Contact Us

Contact Us

Personal Injury Attorney

Websites For Sale Personal Injury Attorneys

Criminal Defense Attorneys

Websites For Sale Criminal Defense Attorney

Bankruptcy Attorneys

Websites For Sale Bankruptcy Attorneys

General Practice Attorneys

Websites For Sale General Practice Attorneys

Family Attorneys

Websites For Sale Family Attorneys

Corporate Attorneys

Websites For Sale Corporate Attorneys

4ebusiness Media Group

Our web agency is based in Riverside, CA since 2010. With a team of creative web developers and marketers, we have been providing high-quality, fast and affordable websites for small businesses.

QUICK LINKS

• About Us

• Our Services

• Contact

• Blog

CONTACT 

Phone number

(951) 235-3518

EMAIL

service4ebusiness@gmail.com

OFFICE HOUR

Monday-Friday: 10:00 – 5:00 PST

Riverside, California

Saturday: Closed

Sunday: Closed

Holidays: Closed

Copyright 2024 – 4ebusiness Media Group All Rights Reserved.

Home Privacy Policy Terms Of Use Anti Spam Policy Contact Us Affiliate Disclosure Amazon Affiliate Disclaimer DMCA Earnings Disclaimer