Lucene search
+L

6 matches found

patchstack
patchstack
added 2025/06/13 6:41 a.m.35 views

WordPress REST API | Custom API Generator For Cross Platform And Import Export In WP plugin <= 2.0.3 - Missing Authorization to Unauthenticated Privilege Escalation via process_handler Function vulnerability

Missing Authorization to Unauthenticated Privilege Escalation via processhandler Function vulnerability discovered by kr0d in WordPress Plugin REST API | Custom API Generator For Cross Platform And Import Export In WP versions = 2.0.3...

9.8CVSS6.7AI score0.00532EPSS
Exploits1References1Affected Software1
circl
circl
added 2025/06/13 2:34 a.m.31 views

CVE-2025-5288

creationtimestamp| type| source ---|---|--- 2025-06-13 02:34:13+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18255 2025-06-13 03:00:05+00:00| published-proof-of-concept| Telegram/hEZhhRBlhjKOjzwPb5HHEyoDQiQ0INtqUOihmQN35WCeNGE 2025-06-13 04:59:29+00:00| seen|...

9.8CVSS4.8AI score0.00532EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2025/06/13 1:47 a.m.12 views

CVE-2025-5288 REST API | Custom API Generator For Cross Platform And Import Export In WP 1.0.0 - 2.0.3 - Missing Authorization to Unauthenticated Privilege Escalation via process_handler Function

The REST API | Custom API Generator For Cross Platform And Import Export In WP plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the processhandler function in versions 1.0.0 to 2.0.3. This makes it possible for unauthenticated attackers to POST an...

9.8CVSS7.2AI score0.00532EPSS
Exploits1References3
cve
cve
added 2025/06/13 1:47 a.m.103 views

CVE-2025-5288

The CVE-2025-5288 entry concerns the WordPress REST API plugin “Custom API Generator For Cross Platform And Import Export In WP” (versions 1.0.0–2.0.3). The root cause is a missing capability check in the process_handler() function, enabling unauthenticated attackers to POST an arbitrary import_a...

9.8CVSS9.4AI score0.00532EPSS
Exploits1References3
cvelist
cvelist
added 2025/06/13 1:47 a.m.39 views

CVE-2025-5288 REST API | Custom API Generator For Cross Platform And Import Export In WP 1.0.0 - 2.0.3 - Missing Authorization to Unauthenticated Privilege Escalation via process_handler Function

The REST API | Custom API Generator For Cross Platform And Import Export In WP plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the processhandler function in versions 1.0.0 to 2.0.3. This makes it possible for unauthenticated attackers to POST an...

9.8CVSS0.00532EPSS
Exploits1References3
githubexploit
githubexploit
added 2025/06/12 7:59 p.m.283 views

Exploit for CVE-2025-5288

🚨 REST API | Custom API Generator For Cross Platform And Impor...

9.8CVSS7.3AI score0.00532EPSS
Exploits1
Rows per page
Query Builder