CVE-2025-10849 | Felan Framework Plugin up to 1.1.4 on WordPress Activation/Deactivation process_plugin_actions authorization

Inserito da Angelo Barbosa | Ott 16, 2025 | CVE

A vulnerability was found in Felan Framework Plugin up to 1.1.4 on WordPress. It has been rated as critical. This impacts the function process_plugin_actions of the component Activation/Deactivation. Performing manipulation results in missing authorization.

This vulnerability is known as CVE-2025-10849. Remote exploitation of the attack is possible. No exploit is available.

CVE-2025-10849 | Felan Framework Plugin up to 1.1.4 on WordPress Activation/Deactivation process_plugin_actions authorization

Post correlati

CVE-2024-41162 | Mattermost up to 9.5.6/9.7.5/9.8.1/9.9.0 Shared Channel access control

CVE-2025-0907 | Tracker Software PDF-XChange Editor JB2 File Parser out-of-bounds

CVE-2023-41505 | Student Enrollment 1.0 Profile Picture unrestricted upload

CVE-2024-12838 | Changing Information Technology CGFIDO up to 1.0.x Passwordless Login authentication bypass by assumed-immutable data