CVE-2025-4315 | CubeWP Plugin up to 1.1.23 on WordPress update_user_meta privilege escalation

Inserito da Angelo Barbosa | Giu 11, 2025 | CVE

A vulnerability classified as critical has been found in CubeWP Plugin up to 1.1.23 on WordPress. Affected is the function update_user_meta. The manipulation leads to privilege escalation.

This vulnerability is traded as CVE-2025-4315. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-4315 | CubeWP Plugin up to 1.1.23 on WordPress update_user_meta privilege escalation

Post correlati

CVE-2024-49635 | Manzurul Haque Banner Slider Plugin up to 2.1 on WordPress cross site scripting

CVE-2024-54286 | Sendsmaily Smaily for WP Plugin up to 3.1.2 on WordPress cross site scripting

CVE-2025-21395 | Microsoft Office/Access/365 Apps for Enterprise heap-based overflow

CVE-2025-47696 | Blog Designer Pro Plugin up to 3.4.7 on WordPress file inclusion