5 matches found
CVE-2025-0177
The Javo Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.0.0.080. This is due to the plugin allowing users who are registering new accounts to set their own role. This makes it possible for unauthenticated attackers to gain elevated privileg...
CVE-2025-0177
The Javo Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.0.0.080. This is due to the plugin allowing users who are registering new accounts to set their own role. This makes it possible for unauthenticated attackers to gain elevated privileg...
CVE-2025-0177
creationtimestamp| type| source ---|---|--- 2025-03-08 08:37:31+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6931 2025-03-08 10:30:37+00:00| seen| Telegram/ksq4pACytvPs--pKy4M48iMo3j28usnpQsF2pgKgO4vi4 2025-03-08 11:00:24+00:00| seen| https://t.me/cvedetector/19890 2025-03-08 11:48:17+00:00...
CVE-2025-0177
The CVE-2025-0177 entry concerns the Javo Core WordPress plugin (versions up to 3.0.0.080) that allows users registering new accounts to set their own role, enabling unauthenticated privilege escalation to administrator. Multiple connected sources corroborate the issue, describing unauthenticated...
CVE-2025-0177 Javo Core <= 3.0.0.080 - Unauthenticated Privilege Escalation in ajax_signup
The Javo Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.0.0.080. This is due to the plugin allowing users who are registering new accounts to set their own role. This makes it possible for unauthenticated attackers to gain elevated privileg...