CVE-2025-54741
Description
Missing Authorization vulnerability in Tyler Moore Super Blank super-blank allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Blank: from n/a through <= 1.2.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Missing Authorization in Super Blank plugin ≤1.2.0 allows unauthenticated arbitrary content deletion.
The WordPress Super Blank plugin versions up to and including 1.2.0 contain a Missing Authorization vulnerability. This flaw stems from incorrectly configured access control security levels, allowing actions that should require higher privileges to be performed without proper checks [1].
Exploitation does not require authentication, making it accessible to any remote attacker. The vulnerability can be leveraged to delete arbitrary content from a WordPress site, including images, posts, and pages [1]. This type of vulnerability is frequently used in mass-exploit campaigns targeting thousands of websites regardless of their size or popularity [1].
The impact is moderate (CVSS 6.5) but can lead to significant data loss and defacement. The vendor has released version 1.3.0 which resolves the issue; users are strongly advised to update immediately. Patchstack also offers a mitigation rule to block attacks until the update is applied [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.