High severity7.3NVD Advisory· Published May 6, 2025· Updated Apr 15, 2026
CVE-2025-0856
CVE-2025-0856
Description
The PGS Core plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.8.0. This makes it possible for unauthenticated attackers to add, modify, or plugin options.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=5.8.0+ 1 more
- (no CPE)range: <=5.8.0
- (no CPE)range: <=5.8.0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.