CVE-2025-8559 in All in One Music Player Plugininfo

Zusammenfassung

von MITRE • 30.09.2025

The All in One Music Player plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.1 via the 'theme' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of files on the server, which can contain sensitive information.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Veröffentlichung

30.09.2025

Moderieren

akzeptiert

Eintrag

VDB-326279

CPE

bereit

CWE

CWE-22 (bestätigt)

CVSS

6.5 (CNA)

EPSS

0.00064

KEV

nein

Aktivitäten

very low

Sektor

Hostingprovider

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-8559
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-8559
CVE Details	https://www.cvedetails.com/cve/CVE-2025-8559/

◂ Zurück Übersicht Weiter ▸

Do you need the next level of professionalism?

Upgrade your account now!