3 matches found
CVE-2025-4683
creationtimestamp| type| source ---|---|--- 2025-05-27 03:36:17+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq4r3u2kqt52...
CVE-2025-4683
CVE-2025-4683 affects the WordPress plugin “MStore API – Create Native Android & iOS Apps On The Cloud” up to and including version 4.17.5. The root cause is a missing capability check in the create_blog function, enabling authenticated attackers with Subscriber-level access and above to create n...
CVE-2025-4683 MStore API – Create Native Android & iOS Apps On The Cloud <= 4.17.5 - Missing Authorization to Authenticated (Subscriber+) Posts Creation
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the createblog function in all versions up to, and including, 4.17.5. This makes it possible for authenticated attackers, wit...