CVE-2025-5953 | WP Human Resource Management Plugin up to 2.2.17 on WordPress AJAX ajax_insert_employee role authorization

A vulnerability classified as critical was found in WP Human Resource Management Plugin up to 2.2.17 on WordPress. Affected by this vulnerability is the function ajax_insert_employee of the component AJAX Handler. The manipulation of the argument role leads to missing authorization.

This vulnerability is known as CVE-2025-5953. The attack can be launched remotely. There is no exploit available.VulDB Recent EntriesRead More