EUVD-2025-21842

Malicious code in bioql PyPI...

CVE-2025-6813

The aapanel WP Toolkit plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization checks within the autologin function in versions 1.0 to 1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to bypass all role checks and gai...

CVE-2025-6813

The aapanel WP Toolkit plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization checks within the autologin function in versions 1.0 to 1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to bypass all role checks and gai...

CVE-2025-6813 aapanel WP Toolkit 1.0 - 1.1 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via auto_login() Function

The aapanel WP Toolkit plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization checks within the autologin function in versions 1.0 to 1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to bypass all role checks and gai...

CVE-2025-6813

CVE-2025-6813 affects the WordPress plugin aapanel WP Toolkit (versions 1.0–1.1). The root cause is missing authorization checks in the auto_login() function, enabling authenticated users with Subscriber-level access and above to bypass role checks and gain full admin privileges. The CVE is curre...

PT-2025-29990 · WordPress · Aapanel Wp Toolkit

Name of the Vulnerable Software and Affected Versions: aapanel WP Toolkit versions 1.0 through 1.1 Description: The aapanel WP Toolkit plugin for WordPress is susceptible to privilege escalation due to missing authorization checks within the auto login function. Authenticated attackers with...