CVE-2025-14947 | All-in-One Video Gallery Plugin up to 4.6.4 on WordPress ajax_callback_create_bunny_stream_video authorization

Inserito da Angelo Barbosa | Gen 23, 2026 | CVE

A vulnerability was found in All-in-One Video Gallery Plugin up to 4.6.4 on WordPress. It has been rated as critical. This affects the function ajax_callback_create_bunny_stream_video. Performing a manipulation results in missing authorization.

This vulnerability is identified as CVE-2025-14947. The attack can be initiated remotely. There is not any exploit available.

CVE-2025-14947 | All-in-One Video Gallery Plugin up to 4.6.4 on WordPress ajax_callback_create_bunny_stream_video authorization

Post correlati

CVE-2025-15088 | ketr JEPaaS up to 7.2.8 loadPostil postilService.loadPostils keyWord sql injection

CVE-2024-39773 | Wavlink AC3000 M33A8.V5030.210505 testsave.sh missing authentication (TALOS-2024-2035)

CVE-2024-5335 | bdthemes Ultimate Store Kit Elementor Addons Plugin up to 1.6.4 on WordPress _ultimate_store_kit_compare_products deserialization

CVE-2025-34180 | NetSupport Manager up to 14.12.0 Connectivity Server storing passwords in a recoverable format