Rewterz

CVE-2025-22230 – VMware Tools Vulnerability

March 26, 2025
Rewterz

Multiple IBM Products Vulnerabilities

March 26, 2025

Multiple WordPress Plugins Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-30567 CVSS:7.5

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wp01ru WP01 allows Path Traversal. This issue affects WP01: from n/a through 2.6.2.

CVE-2025-28904 CVSS:9.3

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shamalli Web Directory Free allows Blind SQL Injection. This issue affects Web Directory Free: from n/a through 1.7.6.

Impact

  • Data Manipulation
  • Gain Access

Indicators of Compromise

CVE

  • CVE-2025-30567

  • CVE-2025-28904

Affected Vendors

  • WordPress

Affected Products

  • wp01ru WP01 - n/a
  • Shamalli Web Directory Free - n/a

Remediation

Update the Wordpress plugin to the latest available version.

CVE-2025-30567

CVE-2025-28904

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.