mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-30 00:49:28 +02:00
0xMarcio
1.7 KiB
1.7 KiB
CVE-2025-6003
%20-%20Multisite%20All-Inclusive&color=blue)
%20-%20Multisite%20Enterprise&color=blue)
%20-%20Multisite%20Premium&color=blue)
%20-%20Single%20Site%20All-Inclusive&color=blue)
%20-%20Single%20Site%20Enterprise&color=blue)
%20-%20Single%20Site%20Premium&color=blue)
%20-%20Single%20Site%20Standard&color=blue)
Description
The WordPress Single Sign-On (SSO) plugin for WordPress is vulnerable to unauthorized access due to a misconfigured capability check on a function in all versions up to, and including, the *.5.3 versions of the plugin. This makes it possible for unauthenticated attackers to extract sensitive data including site content that has been restricted to certain users and/or roles.
POC
Reference
No PoCs from references.