WordPress Takeads plugin <= 1.0.13 - Missing Authorization to Plugin Settings Deletion vulnerability

Missing Authorization to Plugin Settings Deletion vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Takeads versions = 1.0.13...

CVE-2025-12370

The Takeads plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.0.13. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access an...

CVE-2025-12370

The Takeads plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.0.13. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access an...

CVE-2025-12370 Takeads <= 1.0.13 - Missing Authorization to Plugin Settings Deletion

The Takeads plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.0.13. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access an...

CVE-2025-12370 Takeads <= 1.0.13 - Missing Authorization to Plugin Settings Deletion

The Takeads plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.0.13. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access an...

CVE-2025-12370

CVE-2025-12370 affects the WordPress Takeads plugin, with exploitation described as an authorization bypass in all versions up to and including 1.0.13. The vulnerability allows authenticated users with subscriber-level access and above to delete the plugin’s configuration options due to improper ...

PT-2025-49211

The Takeads plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.0.13. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access an...

WordPress plugin Takeads 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...