CVE-2025-15455 | bg5sbk MiniCMS up to 1.8 File Recovery Request page.php delete_page improper authentication

Inserito da Angelo Barbosa | Gen 4, 2026 | CVE

A vulnerability, which was classified as critical, has been found in bg5sbk MiniCMS up to 1.8. Impacted is the function delete_page of the file /minicms/mc-admin/page.php of the component File Recovery Request Handler. This manipulation causes improper authentication.

This vulnerability is tracked as CVE-2025-15455. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-15455 | bg5sbk MiniCMS up to 1.8 File Recovery Request page.php delete_page improper authentication

Post correlati

CVE-2022-48830 | Linux Kernel up to 5.10.100/5.15.23/5.16.9 CAN isotp_rcv state issue

CVE-2024-1073 | SlimStat Analytics Plugin up to 5.1.3 on WordPress cross site scripting

CVE-2025-7539 | code-projects Online Appointment Booking System 1.0 /getdoctordaybooking.php cid sql injection

CVE-2024-12511 | Xerox WorkCentre 6515 Setting privileges management