3 matches found
CVE-2025-11632 Call Now Button <= 1.5.4 - Authenticated (Subscriber+) Missing Authorization to Multiple Functions
The Call Now Button – The 1 Click to Call Button for WordPress plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple functions in all versions up to, and including, 1.5.4. This makes it possible for authenticated attackers, with...
CVE-2025-11632 Call Now Button <= 1.5.4 - Authenticated (Subscriber+) Missing Authorization to Multiple Functions
The Call Now Button – The 1 Click to Call Button for WordPress plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple functions in all versions up to, and including, 1.5.4. This makes it possible for authenticated attackers, with...
CVE-2025-59815 Authenticated Remote Code Execution in the Billing Administration portal
This vulnerability allows malicious actors to execute arbitrary commands on the underlying system of the Zenitel ICX500 and ICX510 Gateway, granting shell access. Exploitation can compromise the device’s availability, confidentiality, and integrity...