CVE-2025-15456 | bg5sbk MiniCMS up to 1.8 Publish Page /mc-admin/page-edit.php improper authentication

A vulnerability, which was classified as critical, was found in bg5sbk MiniCMS up to 1.8. The affected element is an unknown function of the file /mc-admin/page-edit.php of the component Publish Page Handler. Such manipulation leads to improper authentication.

This vulnerability is listed as CVE-2025-15456. The attack may be performed from remote. In addition, an exploit is available.

The existence of this vulnerability is still disputed at present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-15456 | bg5sbk MiniCMS up to 1.8 Publish Page /mc-admin/page-edit.php improper authentication

Post correlati

CVE-2024-45309 | OneDev up to 11.0.8 information disclosure (GHSA-7wg5-6864-v489)

CVE-2024-11498 | libjxl JPEG XL Decoder resource consumption

CVE-2024-11969 | Cradlepoint NetCloud Exchange Client 1.110.50 on Windows default permission

CVE-2023-53890 | Perch CMS 3.2 SVG File cross site scripting (Exploit 51621)