6 matches found
WordPress age-restriction plugin missing authorization vulnerability
The WordPress age-restriction plugin is a plugin used to add age verification functionality to a WordPress website, the main purpose of which is to restrict access to certain content or features to users who have not reached a specific age. The WordPress age-restriction plugin suffers from a lack...
CVE-2025-11855
The age-restriction WordPress plugin through 3.0.2 does not have authorisation in the agerestrictionRemoteSupportRequest function, allowing any authenticated users, such as subscriber to create an admin user with a hardcoded username and arbitrary password...
CVE-2025-11855
The age-restriction WordPress plugin through 3.0.2 does not have authorisation in the agerestrictionRemoteSupportRequest function, allowing any authenticated users, such as subscriber to create an admin user with a hardcoded username and arbitrary password...
CVE-2025-11855 Age Restriction <= 3.0.2 - Subscriber+ Privilege Escalation
The age-restriction WordPress plugin through 3.0.2 does not have authorisation in the agerestrictionRemoteSupportRequest function, allowing any authenticated users, such as subscriber to create an admin user with a hardcoded username and arbitrary password...
CVE-2025-11855
CVE-2025-11855 affects the WordPress plugin “age-restriction” (versions up to 3.0.2). The root cause is missing authorization in the age_restrictionRemoteSupportRequest function, enabling any authenticated user (e.g., a subscriber) to create an administrator account with a hardcoded username and ...
CVE-2025-11855 Age Restriction <= 3.0.2 - Subscriber+ Privilege Escalation
The age-restriction WordPress plugin through 3.0.2 does not have authorisation in the agerestrictionRemoteSupportRequest function, allowing any authenticated users, such as subscriber to create an admin user with a hardcoded username and arbitrary password...