CVE Catalog
CVE-2025-49403
HighCVSS 7.5Summary
WordPress versions up to 3.0.2 have a vulnerability that allows unauthenticated arbitrary file download in the Premium Age Verification / Restriction plugin.
Risk Assessment
An attacker could access sensitive files on the server, potentially leading to data leakage or system compromise.
Recommendation
It is recommended to update WordPress to the latest version and review the configuration of the Premium Age Verification / Restriction plugin.
Original NVD description (English source)
Unauthenticated Arbitrary File Download in Premium Age Verification / Restriction for WordPress <= 3.0.2 versions.

