CVE Details
Basic Information
| Title | CVE-2025-39449 |
|---|---|
| Type | cve |
| Published | 2025-05-19T19:15:50 |
| Last Seen | 2025-05-19T19:18:50 |
CVSS Information
| Base Score | 7.5 (HIGH) |
|---|---|
| Attack Vector | NETWORK |
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | NONE |
| Availability Impact | NONE |
AI Analysis
| AI Description | A missing authorization vulnerability in Crocoblock JetWooBuilder allows unauthorized access to certain functionalities that should be restricted by access control lists (ACLs). This could enable attackers to perform actions they shouldn’t be allowed to, potentially leading to data exposure or system misuse. The issue is rated HIGH severity with a CVSS score of 7.5, indicating a significant risk, especially in widely used platforms like WordPress. |
|---|---|
| AI Severity | High |
| Vendor | WordPress Community |
| Product | Crocoblock JetWooBuilder |
| Affected Version |
Additional Information
| CVE List | CVE-2025-39449 |
|---|---|
| CWE List | CWE-862 |
| Bulletin Family | cve |
Description
Missing Authorization vulnerability in Crocoblock JetWooBuilder allows Accessing Functionality Not Properly Constrained by ACLs.This issue…
CVSS Score Summary
Base Score: %!f(string=#) (HIGH)