CVE-2025-4315 | CubeWP Plugin up to 1.1.23 on WordPress update_user_meta privilege escalation

June 11, 2025 Yanac

A vulnerability classified as critical has been found in CubeWP Plugin up to 1.1.23 on WordPress. Affected is the function update_user_meta. The manipulation leads to privilege escalation.

This vulnerability is traded as CVE-2025-4315. It is possible to launch the attack remotely. There is no exploit available.VulDB Recent EntriesRead More

CVE-2025-5144 | Events Calendar Plugin up to 6.13.2 on WordPress cross site scripting
CVE-2025-47102 | Adobe Adobe Experience Manager up to 6.5.22 cross site scripting (apsb25-48)