PT-2025-49953 · WordPress · Vanquish User Extra Fields

Published

2025-12-09

·

Updated

2025-12-15

·

CVE-2025-67579

CVSS v3.1

5.3

Medium

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions vanquish User Extra Fields versions prior to 16.9
Description An authorization issue exists in vanquish User Extra Fields wp-user-extra-fields, allowing exploitation due to incorrectly configured access control security levels. The issue relates to User Extra Fields.
Recommendations Update to a version prior to 16.9.

Fix

Missing Authorization

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2025-67579

Affected Products

Vanquish User Extra Fields