Primary

Context

AresIT WP Compress Weak Authentication Vulnerability

Vulnerability

Patched

A weak authentication vulnerability allowing authentication abuse has been identified in the AresIT WP Compress plugin for WordPress, affecting versions through 6.30.30. This vulnerability can be exploited to perform actions that should only be available to users with higher privileges, potentially leading to unauthorized admin access on the website.

Impact

Exploitation of this vulnerability could allow a malicious actor to gain admin access to the affected WordPress site.

Remediation

Users of the WP Compress plugin should update to version 6.30.31 or later. Patchstack users can enable auto-updates for vulnerable plugins.

Added: Jul 4, 2025, 1:18 PM

Updated: Jul 4, 2025, 1:18 PM

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

5.0

exploitability

7.6

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

5.0

exploitability

7.6

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AresIT WP Compress Weak Authentication Vulnerability

Vulnerability

Impact

Remediation

Affected Products

AresIT WP Compress

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating