CVE-2025-11191

Sažetak

The RealPress WordPress plugin before 1.1.0 registers the REST routes without proper permission checks, allowing the creation of pages and sending of emails from the site.

Reference

CVSS

Base:	5.3
Impact:	1.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	LOW	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Zadnje važnije ažuriranje

31-10-2025 - 14:16

Objavljeno

31-10-2025 - 06:15