3 matches found
Exploit for CVE-2025-5701
CVE-2025-5701 - Unauthenticated Privilege Escalation Exploit...
CVE-2025-5701
creationtimestamp| type| source ---|---|--- 2025-06-05 11:45:36+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lquajq7b2zv2 2025-06-05 14:51:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqukzz7uwt2r 2025-06-05...
CVE-2025-5701
CVE-2025-5701 is a vulnerability in the WordPress HyperComments plugin (versions up to and including 1.2.2). The root cause is a missing capability check in hc_request_handler, enabling unauthenticated attackers to modify WordPress options (e.g., users_can_register and default_role). This can lea...