Lucene search
K

WordPress Blaze Demo Importer plugin <= 1.0.12 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Install vulnerability

๐Ÿ—“๏ธย 16 Sep 2025ย 14:19:00Reported byย wesley (wcraft)Typeย 
patchstack
ย patchstack
๐Ÿ”—ย patchstack.com๐Ÿ‘ย 10ย Views

Blaze Demo Importer plugin versions up to 1.0.12 have broken access control; fixed in 1.0.13 (CVE-2025-8446).

Related
Detection
Vulners
Node
wordpressblaze_demo_importerRangeโ‰ค1.0.12

Data

Build on a solid foundation withย Vulners data

Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data

Api

Power your application withย Vulners API

The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access

App

Assess and manage vulnerabilities withย Vulnersย tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

16 Sep 2025 14:19Current
6.8Medium risk
Vulners AI Score6.8
CVSS 3.14.3
EPSS0.00219
SSVC
10