CVE-2025-65094 | WBCE CMS up to 1.6.3 Group Membership /admin/users/save.php groups[] privileges assignment

A vulnerability has been found in WBCE CMS up to 1.6.3 and classified as critical. The impacted element is an unknown function of the file /admin/users/save.php of the component Group Membership Handler. Performing manipulation of the argument groups[] results in incorrect privilege assignment.

This vulnerability is identified as CVE-2025-65094. The attack can be initiated remotely. There is not any exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More