5 matches found
CVE-2025-3101
The Configurator Theme Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.4.7. This is due to the plugin not properly validating user meta fields prior to updating them in the database. This makes it possible for authenticated attackers, with...
CVE-2025-3101
creationtimestamp| type| source ---|---|--- 2025-04-24 09:12:24+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13208 2025-04-24 10:15:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnkhz7wwm22v 2025-04-24 11:48:18+00:00| seen|...
CVE-2025-3101 Configurator Theme Core <= 1.4.7 - Authenticated (Subscriber+) Privilege Escalation
The Configurator Theme Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.4.7. This is due to the plugin not properly validating user meta fields prior to updating them in the database. This makes it possible for authenticated attackers, with...
CVE-2025-3101 Configurator Theme Core <= 1.4.7 - Authenticated (Subscriber+) Privilege Escalation
The Configurator Theme Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.4.7. This is due to the plugin not properly validating user meta fields prior to updating them in the database. This makes it possible for authenticated attackers, with...
WordPress Configurator Theme Core plugin <= 1.4.7 - Authenticated (Subscriber+) Privilege Escalation vulnerability
Authenticated Subscriber+ Privilege Escalation vulnerability discovered by Tonn in WordPress Plugin Configurator Theme Core versions = 1.4.7...