CVE-2025-23955 Information

Description

Missing Authorization vulnerability in xola.com Xola allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xola: from n/a through 1.6.

Reference

https://patchstack.com/database/wordpress/plugin/xola-bookings-for-tours-activities/vulnerability/wordpress-xola-plugin-1-6-broken-access-control-vulnerability?_s_id=cve