3 matches found
CVE-2025-1279
creationtimestamp| type| source ---|---|--- 2025-04-25 09:07:12+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13393 2025-04-25 10:44:55+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnmxlgopkhb2 2025-04-25 11:00:18+00:00| seen|...
CVE-2025-1279 BM Content Builder <= 3.16.2.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update
The BM Content Builder plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the uxcbtoolsimportitemajax AJAX action in all versions up to, and including, 3.16.2.1. This makes it possible for authenticate...
WordPress BM Content Builder plugin <= 3.16.2.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Options Update vulnerability discovered by Tonn in WordPress Plugin BM Content Builder versions = 3.16.2.1...