Home > Vulnerability Database > CVE-2019-25149

Mend.io Vulnerability Database

CVE-2019-25149

Good to know:

Date: June 6, 2023

The Gallery Images Ape plugin for WordPress is vulnerable to Arbitrary Plugin Deactivation in versions up to, and including, 2.0.6. This allows authenticated attackers with any capability level to deactivate any plugin on the site, including plugins necessary to site functionality or security.

Language: PHP

Severity Score

4.3

Related Resources (4)

Url: https://nvd.nist.gov/vuln/detail/CVE-2019-25149

Url: https://www.wordfence.com/threat-intel/vulnerabilities/id/dfd6c2b8-b00c-49d1-930f-50397e742ac5?source=cve

Url: https://blog.nintechnet.com/wordpress-ape-gallery-plugin-fixed-authenticated-arbitrary-plugin-deactivation-vulnerability/

Url: https://www.mend.io/vulnerability-database/CVE-2019-25149

Severity Score

4.3

Top Fix

Upgrade Version

Upgrade to version 2.0.7

Learn More

CVSS v3.1

Base Score:	4.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2019-25149

Good to know:

Date: June 6, 2023

Language: PHP

Severity Score

Related Resources (4)

Severity Score

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?