Lucene search
+L

3 matches found

vulnrichment
vulnrichment
added 2025/05/27 11:14 a.m.16 views

CVE-2025-5117 Property 1.0.5 - 1.0.6 - Missing Authorization to Authenticated (Author+) Privilege Escalation via property_package_user_role Metadata in PayPal Registration

The Property plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the use of the propertypackageuserrole metadata in versions 1.0.5 to 1.0.6. This makes it possible for authenticated attackers, with Author‐level access and above, to elevate their...

8.8CVSS6.5AI score0.00373EPSS
Exploits0References5
cvelist
cvelist
added 2025/05/27 11:14 a.m.18 views

CVE-2025-5117 Property 1.0.5 - 1.0.6 - Missing Authorization to Authenticated (Author+) Privilege Escalation via property_package_user_role Metadata in PayPal Registration

The Property plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the use of the propertypackageuserrole metadata in versions 1.0.5 to 1.0.6. This makes it possible for authenticated attackers, with Author‐level access and above, to elevate their...

8.8CVSS0.00373EPSS
Exploits0References5
patchstack
patchstack
added 2025/05/27 1:20 a.m.12 views

WordPress Property plugin 1.0.5-1.0.6 - Missing Authorization to Authenticated (Author+) Privilege Escalation via property_package_user_role Metadata in PayPal Registration vulnerability

Missing Authorization to Authenticated Author+ Privilege Escalation via propertypackageuserrole Metadata in PayPal Registration vulnerability discovered by kr0d in WordPress Plugin Property versions 1.0.5-1.0.6...

8.8CVSS6.8AI score0.00373EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder