PT-2025-54341 · WordPress · Wp Attachments

Jitlada

·

Publicado

2025-12-31

·

Atualizado

2026-01-01

·

CVE-2025-62888

CVSS v3.1

5.4

Média

VetorAV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Name of the Vulnerable Software and Affected Versions Marco Milesi WP Attachments versions through 5.2
Description A missing authorization issue exists in Marco Milesi WP Attachments, stemming from incorrectly configured access control security levels. This allows for potential exploitation of the system.
Recommendations Update Marco Milesi WP Attachments to a version later than 5.2.

Correção

Missing Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-862

Identificadores relacionados

CVE-2025-62888

Produtos afetados

Wp Attachments