4 matches found
CVE-2025-62147 WordPress Realbig plugin <= 1.1.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Nik Melnik Realbig allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Realbig: from n/a through 1.1.3...
CVE-2025-62147 WordPress Realbig plugin <= 1.1.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in nikmelnik Realbig realbig-media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Realbig: from n/a through = 1.1.3...
CVE-2025-62147
CVE-2025-62147 concerns the Realbig plugin for WordPress (Realbig) with a Missing Authorization vulnerability affecting versions up to 1.1.3. The issue arises from incorrectly configured access control, enabling an unauthenticated actor to exploit privileged actions. The Connected Wordfence entry...
WordPress Realbig Plugin <= 1.0.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software Realbig Type Plugin Vulnerable versions = 1.0.6 Fixed in 1.0.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-41694 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 394f5c1dc16e Credits Mika Required privilege...