CVE-2025-5814 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-5814 PUBLISHED CVSS 5.300000190734863 MEDIUM

The Profiler – What Slowing Down Your WP plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpsd_plugin_control() function in all versions up to, and including, 1.0.0. This makes it possible for unauthenticated attackers to reactivate previously deactivated plugins after accessing the "Profiler" page.

EPSS 0.19% · 41.2th percentile

Risk Scores

CVSS v3.1

5.300000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

EPSS Score

0.19%

41.2th percentile

Affected Products

Vendor	Product	Versions
switcorp	Profiler – What Slowing Down Your WP	*

Timeline

Jun 7, 2025 EPSS Score
Jun 7, 2025 CVE Published
Jun 7, 2025 PoC Published
Jun 17, 2025 EPSS Score
Jun 27, 2025 EPSS Score
Jul 7, 2025 EPSS Score
Jul 17, 2025 EPSS Score
Jul 27, 2025 EPSS Score
Aug 6, 2025 EPSS Score
Aug 16, 2025 EPSS Score
Aug 26, 2025 EPSS Score
Sep 5, 2025 EPSS Score

References

Open in Interactive Console →