4 matches found
CVE-2025-0952
The Eco Nature - Environment & Ecology WordPress Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'cmsmastershideadminnotice' AJAX action in all versions up to, and including, 2.0.4. This mak...
CVE-2025-0952
creationtimestamp| type| source ---|---|--- 2025-03-14 05:46:52+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7533 2025-03-14 06:41:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkcyxjwog32s 2025-03-14 07:48:37+00:00| seen|...
CVE-2025-0952
CVE-2025-0952 affects the Eco Nature - Environment & Ecology WordPress Theme. A missing capability check on the cmsmasters_hide_admin_notice AJAX action in all versions up to 2.0.4 allows authenticated users with Subscriber+ access to modify options (e.g., setting hide) and potentially cause a de...
CVE-2025-0952 Eco Nature - Environment & Ecology WordPress Theme <= 2.0.4 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update
The Eco Nature - Environment & Ecology WordPress Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'cmsmastershideadminnotice' AJAX action in all versions up to, and including, 2.0.4. This mak...