Primary

Context

Premium Age Verification and Restriction for WordPress Arbitrary File Read and Write Vulnerability

Vulnerability

A vulnerability allowing unauthenticated arbitrary file read and write has been identified in the Premium Age Verification / Restriction for WordPress plugin, affecting all versions through 3.0.2. The issue arises from an insufficiently protected remote support feature in remote_tunnel.php, which could lead to the exposure of sensitive information or allow remote code execution.

Impact

Exploitation of this vulnerability could result in unauthorized access to read from or write to arbitrary files on the affected server, potentially leading to the exposure of sensitive information or allowing remote code execution.

Remediation

No known patch is available. It is recommended to review the vulnerability details and consider uninstalling the affected plugin.

Added: Jul 11, 2025, 5:17 AM

Updated: Jul 11, 2025, 5:17 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Premium Age Verification and Restriction for WordPress Arbitrary File Read and Write Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating