Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/03/30 11:15 a.m.12 views

CVE-2025-2815

The Administrator Z plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the adminzimportbackup function in all versions up to, and including, 2025.03.24. This makes it possible for authenticated...

8.8CVSS7.3AI score0.00334EPSS
Exploits0References1
CVE
CVE
added 2025/03/28 11:13 a.m.52 views

CVE-2025-2815

The CVE-2025-2815 entry concerns the Administrator Z plugin for WordPress. A missing capability check in adminz_import_backup() allows authenticated users with Subscriber+ access to modify arbitrary options, enabling privilege escalation (e.g., setting the default registration role to administrat...

8.8CVSS7.3AI score0.00334EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/28 11:13 a.m.5 views

CVE-2025-2815 Administrator Z <= 2025.03.24 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

The Administrator Z plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the adminzimportbackup function in all versions up to, and including, 2025.03.24. This makes it possible for authenticated...

8.8CVSS7.4AI score0.00334EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/28 11:13 a.m.15 views

CVE-2025-2815 Administrator Z <= 2025.03.24 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

The Administrator Z plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the adminzimportbackup function in all versions up to, and including, 2025.03.24. This makes it possible for authenticated...

8.8CVSS0.00334EPSS
Exploits0References2
Rows per page
Query Builder