CVE-2025-8482 | Simple Local Avatars Plugin up to 2.8.4 on WordPress migrate_from_wp_user_avatar authorization

Inserito da Angelo Barbosa | Ago 12, 2025 | CVE

A vulnerability, which was classified as problematic, was found in Simple Local Avatars Plugin up to 2.8.4 on WordPress. Affected is the function migrate_from_wp_user_avatar. The manipulation leads to missing authorization.

This vulnerability is traded as CVE-2025-8482. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-8482 | Simple Local Avatars Plugin up to 2.8.4 on WordPress migrate_from_wp_user_avatar authorization

Post correlati

CVE-2023-50059 | Ingalxe Galxe platform 1.0 Web3 Authentication information disclosure

CVE-2024-10452 | Grafana 10.4.0 Pending Invite authorization

CVE-2024-37228 | InstaWP Connect Plugin up to 0.1.0.38 on WordPress code injection

CVE-2025-25288 | octokit plugin-paginate-rest.js up to 11.4.0 REST API Endpoint octokit.paginate.iterator link redos (GHSA-h5c3-5r3r-rr8q)