{"id":8266,"date":"2025-07-16T22:48:56","date_gmt":"2025-07-16T22:48:56","guid":{"rendered":"http:\/\/localhost\/?p=8266"},"modified":"2025-07-16T22:48:56","modified_gmt":"2025-07-16T22:48:56","slug":"madara-core-223-unauthenticated-arbitrary-file-deletion","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=8266","title":{"rendered":"Madara – Core <= 2.2.3 - Unauthenticated Arbitrary File Deletion"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nMadara – Core <= 2.2.3 - Unauthenticated Arbitrary File Deletion<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-07-17T02:24:33.749Z<\/td>\n<\/tr>\n
Modified<\/th>\n2025-07-17T02:24:33.749Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nMangaBooth<\/td>\n<\/tr>\n
Product<\/th>\nMadara – Core<\/td>\n<\/tr>\n
Version<\/th>\n*<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n
Base Score<\/th>\n9.1 (CRITICAL)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:H\/A:H<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n\n
AI Description<\/th>\nThe Madara – Core WordPress plugin is vulnerable to arbitrary file deletion, allowing attackers to delete any file on the server, potentially leading to remote code execution. This affects all versions up to 2.2.3.<\/td>\n<\/tr>\n
AI Severity<\/th>\nCritical<\/td>\n<\/tr>\n
AI Vendor<\/th>\nMangaBooth<\/td>\n<\/tr>\n
AI Product<\/th>\nMadara – Core<\/td>\n<\/tr>\n
AI Version<\/th>\n2.2.3 and below<\/td>\n<\/tr>\n
AI Score<\/th>\n9.1<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n