CVE-2025-13619 | Flex Store Users Plugin up to 1.1.0 on WordPress add_role_seller fs_type Remote Code Execution

Inserito da Angelo Barbosa | Dic 20, 2025 | CVE

A vulnerability was found in Flex Store Users Plugin up to 1.1.0 on WordPress. It has been rated as critical. The affected element is the function fsUserHandle::signup/fsSellerRole::add_role_seller. The manipulation of the argument fs_type leads to Remote Code Execution.

This vulnerability is listed as CVE-2025-13619. The attack may be initiated remotely. There is no available exploit.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

CVE-2025-13619 | Flex Store Users Plugin up to 1.1.0 on WordPress add_role_seller fs_type Remote Code Execution

Post correlati

CVE-2025-64761 | OpenBao up to 2.4.3 privileges assignment (GHSA-7ff4-jw48-3436)

CVE-2023-41337 | h2o up to 2.3.0-beta2 X.509 Certificate signature verification (GHSA-5v5r-rghf-rm6q)

CVE-2024-50401 | QNAP QTS/QuTS hero format string (qsa-24-43)

CVE-2024-44095 | Google Android code/drm_fw.c ppmp_protect_mfcfw_buf memory corruption