CVE-2025-23534

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Feb 14, 2025

CWE ID 862

Summary

CVE-2025-23534 is a security vulnerability affecting the Mark Winiarski WPLingo plugin. This missing authorization issue permits exploitation due to incorrectly configured access control security levels. Attackers can leverage this weakness, present in versions from n/a to 1.1.2, to gain unauthorized access and potentially execute malicious actions. Users are urged to update their WPLingo plugin to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2haIQy
https://www.cve.org/CVERecord?id=CVE-2025-23534
https://nvd.nist.gov/vuln/detail/CVE-2025-23534

Back to Vulnerability Database

CVE-2025-23534

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations