CVE-2025-4315 | CubeWP Plugin up to 1.1.23 on WordPress update_user_meta privilege escalation

Inserito da Angelo Barbosa | Giu 11, 2025 | CVE

A vulnerability classified as critical has been found in CubeWP Plugin up to 1.1.23 on WordPress. Affected is the function update_user_meta. The manipulation leads to privilege escalation.

This vulnerability is traded as CVE-2025-4315. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-4315 | CubeWP Plugin up to 1.1.23 on WordPress update_user_meta privilege escalation

Post correlati

CVE-2024-5033 | SULly Plugin up to 4.3.0 on WordPress cross-site request forgery

CVE-2024-24810 | WiX Toolset up to 4.0.3 on Windows Installer untrusted search path (GHSA-7wh2-wxc7-9ph5)

CVE-2024-6385 | GitLab Community Edition/Enterprise Edition up to 16.11.5/17.0.3/17.1.1 Pipeline access control (Issue 469217)

CVE-2023-48426 | Google Chromecast 5.0 U-Boot Remote Code Execution