6 matches found
WordPress REST API | Custom API Generator For Cross Platform And Import Export In WP plugin <= 2.0.3 - Missing Authorization to Unauthenticated Privilege Escalation via process_handler Function vulnerability
Missing Authorization to Unauthenticated Privilege Escalation via processhandler Function vulnerability discovered by kr0d in WordPress Plugin REST API | Custom API Generator For Cross Platform And Import Export In WP versions = 2.0.3...
CVE-2025-5288
creationtimestamp| type| source ---|---|--- 2025-06-13 02:34:13+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18255 2025-06-13 03:00:05+00:00| published-proof-of-concept| Telegram/hEZhhRBlhjKOjzwPb5HHEyoDQiQ0INtqUOihmQN35WCeNGE 2025-06-13 04:59:29+00:00| seen|...
CVE-2025-5288 REST API | Custom API Generator For Cross Platform And Import Export In WP 1.0.0 - 2.0.3 - Missing Authorization to Unauthenticated Privilege Escalation via process_handler Function
The REST API | Custom API Generator For Cross Platform And Import Export In WP plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the processhandler function in versions 1.0.0 to 2.0.3. This makes it possible for unauthenticated attackers to POST an...
CVE-2025-5288
The CVE-2025-5288 entry concerns the WordPress REST API plugin “Custom API Generator For Cross Platform And Import Export In WP” (versions 1.0.0–2.0.3). The root cause is a missing capability check in the process_handler() function, enabling unauthenticated attackers to POST an arbitrary import_a...
CVE-2025-5288 REST API | Custom API Generator For Cross Platform And Import Export In WP 1.0.0 - 2.0.3 - Missing Authorization to Unauthenticated Privilege Escalation via process_handler Function
The REST API | Custom API Generator For Cross Platform And Import Export In WP plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the processhandler function in versions 1.0.0 to 2.0.3. This makes it possible for unauthenticated attackers to POST an...
Exploit for CVE-2025-5288
🚨 REST API | Custom API Generator For Cross Platform And Impor...