CVE-2025-2267 MEDIUM

CVE-2025-2267: WP01 – Speed, Security, SEO consultant <= 2.6.2 - Authenticated (Subscriber+) Arbitrary File Download

Vendor Wp01Ru
Product WP01 – Speed, Security, SEO consultant
Weakness CWE-862 · Missing authorization
Published March 15, 2025
Last update April 8, 2026

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01 Description

The WP01 plugin for WordPress is vulnerable to Arbitrary File Download in all versions up to, and including, 2.6.2 due to a missing capability check and insufficient restrictions on the make_archive() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to download and read the contents of arbitrary files on the server, which can contain sensitive information. CVE-2025-30567 is a duplicate of this issue.
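The two controls the description names as missing, a capability check and a restriction on which paths may be archived, are sketched below as an added example. It is not the plugin's code: the AJAX action, nonce name, `path` parameter, `example_*` function names, the `manage_options` capability and the choice of the uploads directory as the only permitted root are all assumptions made for illustration.

```php
<?php
// Added illustration, not WP01 source. The action name, nonce name,
// 'path' parameter and allowed base directory are hypothetical.

/**
 * Canonicalise a user-supplied relative path and confirm it stays inside $base.
 * Returns the real path, or null if it does not exist or escapes $base.
 */
function example_resolve_inside( string $base, string $requested ): ?string {
    $base_real = realpath( $base );
    $target    = realpath( $base . DIRECTORY_SEPARATOR . $requested );
    if ( false === $base_real || false === $target ) {
        return null; // Missing file or unreadable base directory.
    }
    // Compare with a trailing separator so "/uploads-old" cannot match "/uploads".
    $prefix = rtrim( $base_real, DIRECTORY_SEPARATOR ) . DIRECTORY_SEPARATOR;
    return ( 0 === strpos( $target . DIRECTORY_SEPARATOR, $prefix ) ) ? $target : null;
}

function example_make_archive_handler(): void {
    // 1. The request must carry a nonce issued by the plugin's own admin screen.
    //    check_ajax_referer() terminates the request on failure.
    check_ajax_referer( 'example_make_archive', 'nonce' );

    // 2. Capability check: being logged in (Subscriber) is not sufficient.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Forbidden' ), 403 );
    }

    // 3. Path restriction: resolve symlinks and ".." first, then require the
    //    result to be a regular file under the uploads directory.
    $requested = isset( $_POST['path'] ) ? sanitize_text_field( wp_unslash( $_POST['path'] ) ) : '';
    $base      = wp_upload_dir()['basedir'];
    $source    = example_resolve_inside( $base, $requested );
    if ( null === $source || ! is_file( $source ) ) {
        wp_send_json_error( array( 'message' => 'Invalid path' ), 400 );
    }

    // Only the validated $source is ever passed on to the archive step.
    wp_send_json_success( array( 'file' => wp_basename( $source ) ) );
}

// Registered for logged-in users only; no wp_ajax_nopriv_ hook is added.
add_action( 'wp_ajax_example_make_archive', 'example_make_archive_handler' );
```

Registering a handler on `wp_ajax_*` only proves the caller is logged in, so the `current_user_can()` call is what separates an administrator from a Subscriber.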

Explanation of Vulnerability in Simple Terms

02 Summary

WP01 – Speed, Security, SEO consultant versions 2.6.2 and earlier lack proper authorization checks, allowing authenticated users to access sensitive information they should not be able to view. An attacker with a low-privilege account can read data intended for higher-privilege users. Update to a version newer than 2.6.2 to resolve this issue.

What an attacker can do

03 Attacker Capabilities

Read sensitive data and information restricted to higher-privilege users.

Potential impact on your site

04 Site Impact

Authenticated users can access confidential information beyond their permission level, risking data exposure.

Conditions required to exploit

05 Prerequisites

Attacker must have a low-privilege account on the site; no user interaction required.

Key dates

06 Disclosure timeline

March 15, 2025 CVE published
April 8, 2026 Record updated