Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2025/06/06 6:42 a.m.6 views

CVE-2025-5486 WP Email Debug 1.0 - 1.1.0 - Missing Authorization to Unauthenticated Privilege Escalation via Password Reset

The WP Email Debug plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the WPMDBUGhandlesettings function in versions 1.0 to 1.1.0. This makes it possible for unauthenticated attackers to enable debugging and send all emails to an attacker controlled...

9.8CVSS7.7AI score0.00435EPSS
Exploits0References2
CVE
CVE
added 2025/06/06 6:42 a.m.80 views

CVE-2025-5486

CVE-2025-5486 affects the WordPress plugin WP Email Debug (versions 1.0–1.1.0). The vulnerability is a missing capability check in WPMDBUG_handle_settings(), enabling privilege escalation by unauthenticated actors: they can enable debugging, cause emails to be sent to an attacker-controlled addre...

9.8CVSS9.8AI score0.00435EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/06 6:42 a.m.19 views

CVE-2025-5486 WP Email Debug 1.0 - 1.1.0 - Missing Authorization to Unauthenticated Privilege Escalation via Password Reset

The WP Email Debug plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the WPMDBUGhandlesettings function in versions 1.0 to 1.1.0. This makes it possible for unauthenticated attackers to enable debugging and send all emails to an attacker controlled...

9.8CVSS0.00435EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/06/05 8:0 p.m.11 views

WordPress WP Email Debug plugin 1.0-1.1.0 - Missing Authorization to Unauthenticated Privilege Escalation via Password Reset vulnerability

Missing Authorization to Unauthenticated Privilege Escalation via Password Reset vulnerability discovered by kr0d in WordPress Plugin WP Email Debug versions 1.0-1.1.0...

9.8CVSS6.9AI score0.00435EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder