Medium severity5.3NVD Advisory· Published Oct 22, 2025· Updated Apr 27, 2026
CVE-2025-49906
CVE-2025-49906
Description
Missing Authorization vulnerability in StellarWP WPComplete wpcomplete allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPComplete: from n/a through <= 2.9.5.3.
Affected products
2<= 2.9.5.3+ 1 more
- (no CPE)range: <= 2.9.5.3
- (no CPE)range: <=2.9.5.3
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.