CVE-2025-47817 | BlueWave Checkmate up to 2.0.2 Profile Edit Request role external control of assumed-immutable web parameter (GHSA-rq7r-p9cq-5q4f)

Inserito da Angelo Barbosa | Mag 11, 2025 | CVE

A vulnerability, which was classified as very critical, has been found in BlueWave Checkmate up to 2.0.2. Affected by this issue is some unknown functionality of the component Profile Edit Request Handler. The manipulation of the argument role leads to external control of assumed-immutable web parameter.

This vulnerability is handled as CVE-2025-47817. The attack may be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-47817 | BlueWave Checkmate up to 2.0.2 Profile Edit Request role external control of assumed-immutable web parameter (GHSA-rq7r-p9cq-5q4f)

Post correlati

CVE-2024-3518 | Media Library Assistant Plugin up to 3.15 on WordPress Shortcode sql injection

CVE-2024-55417 | DevDojo Voyager up to 1.8.0 /admin/media/upload Remote Code Execution

CVE-2024-6028 | Quiz Maker Plugin up to 6.5.8.3 on WordPress ays_questions sql injection

CVE-2023-33077 | Qualcomm 8 Gen 1 Mobile Platform HLOS memory corruption