9 matches found
CVE-2025-12372
The Permalinks Cascade plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action in the handleTPCAdminAjaxRequest function. This makes it possible for...
EUVD-2025-197937
The Permalinks Cascade plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action in the handleTPCAdminAjaxRequest function. This makes it possible for...
CVE-2025-12372
The Permalinks Cascade plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action in the handleTPCAdminAjaxRequest function. This makes it possible for...
CVE-2025-12372
The CVE-2025-12372 entry concerns The Permalinks Cascade plugin for WordPress (up to version 2.2). The root cause is Missing Authorization in the handleTPCAdminAjaxRequest path, enabling authenticated users with subscriber-level access and above to perform unauthorized administrative actions (e.g...
CVE-2025-12372 The Permalinks Cascade <= 2.2 - Missing Authorization To Authenticated (Subscriber+) Plugin Settings Update
The Permalinks Cascade plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action in the handleTPCAdminAjaxRequest function. This makes it possible for...
CVE-2025-12372 The Permalinks Cascade <= 2.2 - Missing Authorization To Authenticated (Subscriber+) Plugin Settings Update
The Permalinks Cascade plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action in the handleTPCAdminAjaxRequest function. This makes it possible for...
PT-2025-47255
Name of the Vulnerable Software and Affected Versions Permalinks Cascade plugin for WordPress versions up to and including 2.2 Description The Permalinks Cascade plugin for WordPress does not properly verify user authorization when performing certain actions. Specifically, the...
WordPress plugin Permalinks Cascade 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
WordPress The Permalinks Cascade plugin <= 2.2 - Missing Authorization To Authenticated (Subscriber+) Plugin Settings Update vulnerability
Missing Authorization To Authenticated Subscriber+ Plugin Settings Update vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin The Permalinks Cascade versions = 2.2...