CVE-2025-11705 - Geek Feed

Security
Tech News

WordPress security plugin exposes private data to site subscribers

November 1, 2025November 1, 2025 geekfeed0Tagged CVE-2025-11705, Information Disclosure, Plugin, security, vulnerability, Website, wordpress

The Anti-Malware Security and Brute-Force Firewall plugin for WordPress, installed on over 100,000 sites, has a vulnerability that allows subscribers to read any file on the server, potentially exposing private information. The plugin provides malware scanning and protection against brute-force attacks, exploitation of known plugin flaws, and against database injection attempts. Identified as CVE-2025-11705, the […]

2 mins read