CVE-2025-49900
CVE-2025-49900 describes an Incorrect Privilege Assignment in the WordPress plugin Advanced Scrollbar (Advanced Scrollbar – Custom Scrollbar Styling and Behavior) , enabling Privilege Escalation for authenticated users (Subscriber+). Affected range is “from n/a through