WordPress plugin Javo Core 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

WordPress Javo Core Plugin <= 3.0.0.266 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Bonds in WordPress Plugin Javo Core versions = 3.0.0.266...

CVE-2025-58003 WordPress Javo Core Plugin <= 3.0.0.266 - Broken Access Control Vulnerability

Missing Authorization vulnerability in javothemes Javo Core allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Javo Core: from n/a through 3.0.0.266...

CVE-2025-58003 WordPress Javo Core Plugin <= 3.0.0.266 - Broken Access Control Vulnerability

Missing Authorization vulnerability in javothemes Javo Core javo-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Javo Core: from n/a through = 3.0.0.266...

CVE-2025-58003

CVE-2025-58003 is a Missing Authorization vulnerability in Javo Core affecting the WordPress plugin Javo Core (versions up to and including 3.0.0.266). The vulnerability is documented in CVE-2025-58003 and is listed in Wordfence/WordPress vulnerability feeds with a patch status of Unpatched. The ...

CVE-2025-0177

The Javo Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.0.0.080. This is due to the plugin allowing users who are registering new accounts to set their own role. This makes it possible for unauthenticated attackers to gain elevated privileg...