CVE-2025-60220 | pebas CouponXxL Plugin up to 3.0.0 on WordPress privileges assignment

October 22, 2025 Yanac

A vulnerability was found in pebas CouponXxL Plugin up to 3.0.0 on WordPress. It has been classified as critical. This affects an unknown function. The manipulation leads to incorrect privilege assignment.

This vulnerability is traded as CVE-2025-60220. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More

CVE-2025-60226 | axiomthemes White Rabbit Plugin up to 1.5.2 on WordPress deserialization
CVE-2025-60213 | Whitebox-Studio Scape Plugin up to 1.5.13 on WordPress deserialization