CVE-2025-62147 WordPress Realbig plugin <= 1.1.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in nikmelnik Realbig realbig-media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Realbig: from n/a through = 1.1.3...

CVE-2025-62147

CVE-2025-62147 concerns the Realbig plugin for WordPress (Realbig) with a Missing Authorization vulnerability affecting versions up to 1.1.3. The issue arises from incorrectly configured access control, enabling an unauthenticated actor to exploit privileged actions. The Connected Wordfence entry...

CVE-2025-62147 WordPress Realbig plugin <= 1.1.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Nik Melnik Realbig allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Realbig: from n/a through 1.1.3...

WordPress Realbig Plugin <= 1.0.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software Realbig Type Plugin Vulnerable versions = 1.0.6 Fixed in 1.0.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-41694 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 394f5c1dc16e Credits Mika Required privilege...