PT-2026-7819 · WordPress · Prime Listing Manager

Khaled Alenazi

Publicado

2026-02-12

Atualizado

2026-02-12

CVE-2025-14892

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Prime Listing Manager WordPress plugin versions through 1.1

Description The Prime Listing Manager WordPress plugin allows an attacker to gain administrative access without needing an account on the targeted site and perform unauthorized actions. This is due to a hardcoded secret.

Recommendations Update Prime Listing Manager WordPress plugin to a version newer than 1.1.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2025-14892

Produtos afetados

Prime Listing Manager

PT-2026-7819 · WordPress · Prime Listing Manager

CVE-2025-14892

Identificadores relacionados

Produtos afetados

Referências · 6