CVE-2025-49980 Information

Jun 21, 2025 cve

Description

Missing Authorization vulnerability in WP Event Manager WP User Profile Avatar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP User Profile Avatar: from n/a through 1.0.6.

Reference

https://patchstack.com/database/wordpress/plugin/wp-user-profile-avatar/vulnerability/wordpress-wp-user-profile-avatar-plugin-1-0-6-broken-access-control-vulnerability?_s_id=cve

CNNVD-202506-2700 (Published: 2025-06-20)

Share on:

CVE-2025-49980 Information

Description

Reference

Related CNNVD