CVE-2025-10706 | WP Framework Plugin up to 1.0.14 on WordPress Plugin Installation cwp_addons_update_plugin_cb authorization

Inserito da Angelo Barbosa | Ott 16, 2025 | CVE

A vulnerability categorized as critical has been discovered in WP Framework Plugin up to 1.0.14 on WordPress. Affected is the function cwp_addons_update_plugin_cb of the component Plugin Installation Handler. Executing manipulation can lead to missing authorization.

This vulnerability is handled as CVE-2025-10706. The attack can be executed remotely. There is not any exploit available.

CVE-2025-10706 | WP Framework Plugin up to 1.0.14 on WordPress Plugin Installation cwp_addons_update_plugin_cb authorization

Post correlati

CVE-2024-37077 | OpenHarmony up to 4.0.1 Pre-installed Apps out-of-bounds write

CVE-2024-29212 | Veeam Service Provider Console 8/up to 7 Management Agent deserialization (kb4575)

CVE-2025-43210 | Apple macOS MediaToolbox Framework memory corruption

CVE-2023-51677 | Magazine3 Schema & Structured Data for WP & AMP Plugin up to 1.23 on WordPress cross site scripting