4 matches found
CVE-2025-3915
The Aeropage Sync for Airtable plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'aeropageDeletePost' function in all versions up to, and including, 3.2.0. This makes it possible for authenticated attackers, with Subscriber-level access and...
CVE-2025-3915
creationtimestamp| type| source ---|---|--- 2025-04-26 06:08:46+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13567 2025-04-26 06:12:53+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnp3eesuwja2 2025-04-26 07:39:17+00:00| seen|...
CVE-2025-3915 Aeropage Sync for Airtable <= 3.2.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion
The Aeropage Sync for Airtable plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'aeropageDeletePost' function in all versions up to, and including, 3.2.0. This makes it possible for authenticated attackers, with Subscriber-level access and...
WordPress Aeropage Sync for Airtable plugin <= 3.2.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Post Deletion vulnerability discovered by Cheng Liu in WordPress Plugin Aeropage Sync for Airtable versions = 3.2.0...