CVE-2025-15457 | bg5sbk MiniCMS up to 1.8 Trash File Restore post.php improper authentication

A vulnerability has been found in bg5sbk MiniCMS up to 1.8 and classified as critical. The impacted element is an unknown function of the file /minicms/mc-admin/post.php of the component Trash File Restore Handler. Performing a manipulation results in improper authentication.

This vulnerability is cataloged as CVE-2025-15457. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-15457 | bg5sbk MiniCMS up to 1.8 Trash File Restore post.php improper authentication

Post correlati

CVE-2025-14737 | TP-Link WA850RE up to V2_160527/V3_160922 httpd os command injection

CVE-2025-60876 | BusyBox wget up to 1.3.7 HTTP Request injection

CVE-2024-2335 | Elements Plus Plugin up to 2.16.2 on WordPress Widget Links cross site scripting

CVE-2024-34738 | Google Android 13/14 AppOpsService.java state issue