CVE-2025-15096

The 'Videospirecore Theme Plugin' plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.6. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for...

CVE-2025-15096

The CVE-2025-15096 entry covers the WordPress plugin Videospirecore Theme Plugin, vulnerable in all versions up to 1.0.6. The issue stems from improper identity validation when updating user details (e.g., email), allowing an authenticated attacker with Subscriber-level access or higher to change...

CVE-2025-15096

The 'Videospirecore Theme Plugin' plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.6. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for...

WordPress plugin Videospirecore Theme Plugin 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...