PT-2026-4274 · Webpros · Wordpress Toolkit
Published
2026-01-22
·
Updated
2026-01-25
·
CVE-2025-66428
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
WebPros WordPress Toolkit versions prior to 6.9.1
Description
An issue with WordPress directory names in WebPros WordPress Toolkit allows for privilege escalation.
Recommendations
Update WebPros WordPress Toolkit to version 6.9.1 or later.
Fix
LPE
Path traversal
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Wordpress Toolkit