ГлавнаяУязвимости → CVE-2025-13029
7.5высокая

CVE-2025-13029

Описание

The Knowband Mobile App Builder WordPress plugin before 3.0.0 does not have authorisation when deleting users via its REST API, allowing unauthenticated attackers to delete arbitrary users.

CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Источники
https://wpscan.com/vulnerability/22344534-cd36-4817-b683-c0af55759e01/https://wpscan.com/vulnerability/22344534-cd36-4817-b683-c0af55759e01/