CVE-2025-0177 [CRITICAL] :

The Javo Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.0.0.080. This is due to the plugin allowing users who are registering new accounts to set their own role. This makes it possible for unauthenticated attackers to gain elevated privileges by creating an account with the administrator role.

SANS CWE TOP 25 Most Dangerous Software Errors

What Errors Are Included in the Top 25 Software Errors? Computer security training, certification and free resources. We specialize in computer/network security, digital forensics, application security and IT audit.

Visit Website

Listed: Tue Feb 13 2024