VDB
CVE-2025-5814
CVE-2025-5814
PUBLISHED
CVSS 5.300000190734863 MEDIUM
The Profiler – What Slowing Down Your WP plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpsd_plugin_control() function in all versions up to, and including, 1.0.0. This makes it possible for unauthenticated attackers to reactivate previously deactivated plugins after accessing the "Profiler" page.
EPSS 0.39% · 60.5th percentile
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS Score
0.39%
60.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| switcorp | Profiler – What Slowing Down Your WP | * |
Exploit Intelligence
Timeline
- Jun 7, 2025 EPSS Score
- Jun 7, 2025 CVE Published
- Jun 7, 2025 PoC Published
- Jun 18, 2025 EPSS Score
- Jun 28, 2025 EPSS Score
- Jul 9, 2025 EPSS Score
- Jul 19, 2025 EPSS Score
- Jul 30, 2025 EPSS Score
- Aug 10, 2025 EPSS Score
- Aug 20, 2025 EPSS Score
- Aug 31, 2025 EPSS Score
- Sep 10, 2025 EPSS Score