4 matches found
CVE-2025-11257
The LLM Hubspot Blog Import plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'processsaveblogs' AJAX endpoint in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with Subscriber-level acce...
CVE-2025-11257 LLM Hubspot Blog Import <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Hubspot Import
The LLM Hubspot Blog Import plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'processsaveblogs' AJAX endpoint in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with Subscriber-level acce...
CVE-2025-11257
CVE-2025-11257 — LLM Hubspot Blog Import (WordPress) has a missing authorization check on the process_save_blogs AJAX endpoint in versions up to and including 1.0.1. This allows authenticated attackers with Subscriber-level access and above to trigger an import of all Hubspot data, facilitating u...
PT-2025-43592
Name of the Vulnerable Software and Affected Versions LLM Hubspot Blog Import plugin for WordPress versions up to and including 1.0.1 Description The LLM Hubspot Blog Import plugin for WordPress is susceptible to unauthorized data modification. This is due to a missing capability check on the...