CVE-2025-15369 | xpro Xpro Addons Plugin up to 1.5.0 on WordPress get_content_editor authorization

Inserito da Angelo Barbosa | Mag 20, 2026 | CVE

A vulnerability categorized as critical has been discovered in xpro Xpro Addons Plugin up to 1.5.0 on WordPress. The impacted element is the function get_content_editor. Such manipulation leads to missing authorization.

This vulnerability is listed as CVE-2025-15369. The attack may be performed from remote. There is no available exploit.

CVE-2025-15369 | xpro Xpro Addons Plugin up to 1.5.0 on WordPress get_content_editor authorization

Post correlati

CVE-2025-2843 | rhobs observability-operator privilege escalation

CVE-2024-46331 | ModStartCMS 8.8.0 URL /admin/login redirect

CVE-2026-0983 | M-Files Server up to 25.8/26.2/26.5.16015.0 improper validation of syntactic correctness of input (EUVD-2026-30767)

CVE-2024-27771 | Unitronics Unistream Unilogic prior 1.35.227 path traversal