CVE-2025-15457

Name of the Vulnerable Software and Affected Versions bg5sbk MiniCMS versions up to 1.8

Description A flaw exists in bg5sbk MiniCMS up to version 1.8 related to improper authentication. The issue resides in an unknown function within the /minicms/mc-admin/post.php file, specifically within the Trash File Restore Handler component. A remote attacker can exploit this flaw through manipulation. The exploit is publicly available. The vendor was notified but did not respond.

Recommendations Versions prior to 1.8 should be updated. As a temporary workaround, consider restricting access to the /minicms/mc-admin/post.php file to minimize the risk of exploitation.