A newly discovered high-severity vulnerability CVE-2025-6043 affects the Malcure Malware Scanner plugin for WordPress, enabling low-privilege users to delete files and potentially execute remote code. With no patch released yet, website owners are advised to disable or uninstall the plugin to avoid exploitation. #CVE-2025-6043 #MalcureVulnerability
Keypoints
- The vulnerability impacts versions up to and including 16.8 of the Malcure Malware Scanner plugin.
- Authenticated users with low privileges, such as subscribers, can exploit the flaw to delete arbitrary files.
- No patch is available as of now, and users are recommended to disable or uninstall the plugin.
- The flaw allows for remote code execution if advanced mode is enabled, risking site integrity.
- Site owners should monitor updates and enforce security best practices until a fix is issued.
Read More: https://thecyberexpress.com/malcure-vulnerability-cve-2025-6043/