2 matches found
CVE-2025-4315
Summary: CVE-2025-4315 affects the CubeWP – All-in-One Dynamic Content Framework plugin for WordPress. The vulnerability is an authenticated privilege-escalation flaw exploitable by users with Subscriber+ privileges to elevate to Administrator via improper handling of update_user_meta(), affectin...
WordPress CubeWP Framework plugin <= 1.1.23 - Authenticated (Subscriber+) Privilege Escalation vulnerability
Authenticated Subscriber+ Privilege Escalation vulnerability discovered by Foxyyy in WordPress Plugin CubeWP versions = 1.1.23...