PT-2025-37128 · WordPress · Propovoice: All-In-One Client Management System
Michael Mazzolini
·
Published
2025-09-11
·
Updated
2025-09-16
·
CVE-2025-8422
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Propovoice: All-in-One Client Management System plugin for WordPress versions through 1.7.6.7
Description
The Propovoice: All-in-One Client Management System plugin for WordPress is susceptible to an arbitrary file read issue. This allows unauthenticated attackers to read the contents of arbitrary files on the server, potentially exposing sensitive information. The vulnerability resides within the
send email() function.Recommendations
Update Propovoice: All-in-One Client Management System plugin for WordPress to a version later than 1.7.6.7.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Propovoice: All-In-One Client Management System