PT-2025-47599 · Unknown · Soplanning

Published: 2025-11-20 · Updated: 2025-11-24 · CVE-2025-62730

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

SOPlanning versions prior to 1.55

Description

SOPlanning has a flaw that allows privilege escalation through the user management tab. Users assigned the user manage team role can modify user permissions, including granting administrative privileges to themselves or other users. This allows a malicious, authenticated attacker with the user manage team role to escalate their privileges to administrator level. The issue affects both the Bulk Update functionality and the standard user rights and privileges editing process.

Recommendations

Update to version 1.55 or later.

Fix

LPE

Incorrect Authorization

Weakness Enumeration

Related Identifiers

CVE-2025-62730

Affected Products

Soplanning