5 matches found
Exploit for CVE-2025-2266
🚨 CVE-2025-2266 — WordPress Plugin Exploit 🔍 Vulnerability...
CVE-2025-2266
creationtimestamp| type| source ---|---|--- 2025-03-29 07:28:43+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9538 2025-03-29 08:40:22+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lliwlmvy752m 2025-03-29 09:31:14+00:00| seen|...
CVE-2025-2266
The CVE-2025-2266 entry concerns the WordPress plugin Checkout Mestres do WP for WooCommerce. Affected versions: 8.6.5–8.7.5. Root cause: a missing capability check in cwmpUpdateOptions() that allows unauthenticated modification of options. Impact: attackers can update arbitrary WordPress options...
CVE-2025-2266 Checkout Mestres do WP for WooCommerce 8.6.5 - 8.7.5 - Unauthenticated Arbitrary Options Update
The Checkout Mestres do WP for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the cwmpUpdateOptions function in versions 8.6.5 to 8.7.5. This makes it possible for unauthenticated...
CVE-2025-2266 Checkout Mestres do WP for WooCommerce 8.6.5 - 8.7.5 - Unauthenticated Arbitrary Options Update
The Checkout Mestres do WP for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the cwmpUpdateOptions function in versions 8.6.5 to 8.7.5. This makes it possible for unauthenticated...