CVE-2025-3702: WordPress Melapress File Monitor plugin < 2.2.0 - Broken Access Control vulnerability
Published Jul 3, 2025
·Updated
Missing Authorization vulnerability in Melapress Melapress File Monitor website-file-changes-monitor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Melapress File Monitor: from n/a through < 2.2.0.
Affected Software
2 affected components
Melapress File Monitor<2.2.0
Melapress Melapress File Monitor WordPress<2.2.0
Remediation
Information
Update the WordPress Melapress File Monitor plugin to the latest available version (at least 2.2.0).
Event History
Jul 3, 2025
CVE Published
via MITRE·12:14 PM
Data Sourced
via MITRE·12:14 PM
DescriptionSeverityWeakness
Data Sourced
via NVD·01:15 PM
DescriptionWeaknessAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2025-3702?
The severity of CVE-2025-3702 is classified as a medium severity vulnerability due to the potential for unauthorized access.
2
How do I fix CVE-2025-3702?
To fix CVE-2025-3702, upgrade Melapress File Monitor to version 2.2.0 or later.
3
What causes CVE-2025-3702?
CVE-2025-3702 is caused by missing authorization checks in the Melapress File Monitor plugin.
4
Which versions of Melapress File Monitor are affected by CVE-2025-3702?
All versions of Melapress File Monitor before 2.2.0 are affected by CVE-2025-3702.
5
What are the consequences of exploitation of CVE-2025-3702?
Exploitation of CVE-2025-3702 could allow an attacker to gain unauthorized access to restricted file monitoring capabilities.