CVE-2025-5812

Name of the Vulnerable Software and Affected Versions: VG WORT METIS plugin for WordPress versions prior to 2.0.0

Description: The issue is related to unauthorized modification of data due to a missing capability check on the gutenberg save post() function. This allows authenticated attackers with Subscriber-level access and above to update limited post settings.

Recommendations: For versions prior to 2.0.0, update to version 2.0.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the gutenberg save post() function to minimize the risk of exploitation.