CVE-2025-26975

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Feb 25, 2025

CWE ID 862

Summary

CVE-2025-26975 is a missing authorization vulnerability that affects the WP Chill Strong Testimonials plugin, version n/a through 3.2.3. An attacker can exploit this issue to access functionality that is not properly constrained by Access Control Lists (ACLs). This vulnerability could potentially allow unauthorized users to manipulate testimonials, posing a risk to websites using this plugin. It is essential for users to update to the latest version of WP Chill Strong Testimonials to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3cvYmI
https://www.cve.org/CVERecord?id=CVE-2025-26975
https://nvd.nist.gov/vuln/detail/CVE-2025-26975

Back to Vulnerability Database

CVE-2025-26975

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations