CVE-2025-66167 | merkulove Lottier Plugin up to 1.1.1 on WordPress authorization

December 16, 2025 Yanac

A vulnerability classified as critical was found in merkulove Lottier Plugin up to 1.1.1 on WordPress. This vulnerability affects unknown code. Executing manipulation can lead to missing authorization.

This vulnerability appears as CVE-2025-66167. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More

CVE-2025-67948 | SendPulse Email Marketing Newsletter Plugin up to 2.2.1 on WordPress exposure of sensitive system information to an unauthorized control sphere
CVE-2025-66166 | merkulove Lottier for Elementor Plugin up to 1.0.9 on WordPress authorization