Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/06/02 7:44 a.m.14 views

CVE-2025-4631

The Profitori plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the stocktendobject endpoint in versions 2.0.6.0 to 2.1.1.3. This makes it possible to trigger the saveobjectasuser function for objects whose 'datatype' is set to 'users',. This allows...

9.8CVSS7.1AI score0.00617EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2025/05/31 12:0 p.m.357 views

Exploit for CVE-2025-4631

🚨 CVE-2025-4631 - Profitori WordPress Plugin Privilege Escala...

9.8CVSS7.7AI score0.00617EPSS
Exploits1
Cvelist
Cvelist
added 2025/05/31 6:40 a.m.41 views

CVE-2025-4631 Profitori 2.0.6.0 - 2.1.1.3 - Missing Authorization to Unauthenticated Privilege Escalation via stocktend_object Endpoint

The Profitori plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the stocktendobject endpoint in versions 2.0.6.0 to 2.1.1.3. This makes it possible to trigger the saveobjectasuser function for objects whose 'datatype' is set to 'users',. This allows...

9.8CVSS0.00617EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/05/31 6:40 a.m.10 views

CVE-2025-4631 Profitori 2.0.6.0 - 2.1.1.3 - Missing Authorization to Unauthenticated Privilege Escalation via stocktend_object Endpoint

The Profitori plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the stocktendobject endpoint in versions 2.0.6.0 to 2.1.1.3. This makes it possible to trigger the saveobjectasuser function for objects whose 'datatype' is set to 'users',. This allows...

9.8CVSS9.5AI score0.00617EPSS
Exploits1References6
Rows per page
Query Builder