Missing Authorization Issue in Safe Ai Malware Protection by WordPress
CVE-2025-31545

5.4MEDIUM

Key Information:

Vendor: WordPress
Status: Safe Ai Malware Protection For WP
Vendor: CVE Published:; 31 March 2025

What is CVE-2025-31545?

The Missing Authorization vulnerability found in the Safe Ai Malware Protection plugin for WordPress enables attackers to exploit improperly configured access control security levels. This issue could allow unauthorized access, potentially compromising the security of stored data and providing malicious actors with elevated privileges. Users are advised to assess their installations and ensure they update to the latest version to mitigate risks associated with this vulnerability.

Affected Version(s)

Safe Ai Malware Protection for WP <= 1.0.20

References

https://patchstack.com/database/wordpress/plugin/safe-ai-...

vdb-entry

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 31, 2025
Vulnerability Reserved
Mar 31, 2025

Credit

Peter Thaleikis (Patchstack Alliance)