3 matches found
CVE-2025-39366
Incorrect Privilege Assignment vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0...
CVE-2025-39366
CVE-2025-39366 corresponds to an Incorrect Privilege Assignment vulnerability in WordPress theme wProject (versions before 5.8.0). It enables Privilege Escalation for authenticated users with Subscriber+ privileges. The CVSSv3.1 vector is AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H with a base score of 8...
WordPress wProject Theme < 5.8.0 is vulnerable to Privilege Escalation
Software wProject Type Theme Vulnerable versions 5.8.0 Fixed in 5.8.0 OWASP Top 10 A1: Broken Access Control Classification Privilege Escalation CVE CVE-2025-39366 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID dc57f98abe0c Credits Dave Jong Patchstack Required privileg...