CVE-2025-10038 | Binary MLM Plan Plugin up to 3.0 on WordPress Setting bmp_user improper authentication

October 15, 2025 Yanac

A vulnerability was found in Binary MLM Plan Plugin up to 3.0 on WordPress. It has been classified as critical. Affected by this issue is the function bmp_user of the component Setting Handler. The manipulation leads to improper authentication.

This vulnerability is documented as CVE-2025-10038. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More