PT-2026-7819 · WordPress · Prime Listing Manager
Khaled Alenazi
·
Published
2026-02-12
·
Updated
2026-02-12
·
CVE-2025-14892
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Prime Listing Manager WordPress plugin versions through 1.1
Description
The Prime Listing Manager WordPress plugin allows an attacker to gain administrative access without needing an account on the targeted site and perform unauthorized actions. This is due to a hardcoded secret.
Recommendations
Update Prime Listing Manager WordPress plugin to a version newer than 1.1.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Prime Listing Manager