CVE-2025-3300

Name of the Vulnerable Software and Affected Versions WPMasterToolKit (WPMTK) versions up to, and including, 2.5.2

Description The issue allows authenticated attackers with Administrator-level access and above to read and modify the contents of arbitrary files on the server, potentially containing sensitive information. This is due to a Directory Traversal vulnerability.

Recommendations For versions up to, and including, 2.5.2, update to a version higher than 2.5.2 to resolve the issue. As a temporary workaround, consider restricting access to sensitive files on the server to minimize the risk of exploitation.