{"id":75982,"date":"2025-09-18T21:56:07","date_gmt":"2025-09-18T21:56:07","guid":{"rendered":""},"modified":"2025-10-03T23:55:44","modified_gmt":"2025-10-04T05:55:44","slug":"cve-2025-9018-unauthorized-modification-and-data-loss-vulnerability-in-time-tracker-plugin-for-wordpress","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-9018-unauthorized-modification-and-data-loss-vulnerability-in-time-tracker-plugin-for-wordpress\/","title":{"rendered":"CVE-2025-9018: Unauthorized Modification and Data Loss Vulnerability in Time Tracker Plugin for WordPress<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

This blog post focuses on the critical vulnerability CVE-2025-9018, a significant security issue found in the Time Tracker Plugin for WordPress. The vulnerability lies in its ability to allow for unauthorized modification and loss of data, which puts multiple WordPress sites at a high risk. The presence of this vulnerability in a widely-used plugin like Time Tracker<\/a> underlines its potential severity and the need for immediate mitigation.
\nThe flaw affects all versions up to, and including, 3.1.0 of the plugin and potentially exposes websites to system<\/a> compromise and data leakage. Given WordPress’s popularity as a content management system<\/a>, this vulnerability could impact a significant number of websites, making this issue both critical and broadly applicable.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-9018
\nSeverity: High (8.8)
\nAttack Vector: Network
\nPrivileges Required: Low (Subscriber level)
\nUser Interaction: Required
\nImpact: Unauthorized modification<\/a> and deletion of data, potential system compromise and data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n