CVE-2025-62131
Description
Missing Authorization vulnerability in Strategy11 Team Tasty Recipes Lite tasty-recipes-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tasty Recipes Lite: from n/a through <= 1.1.5.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Tasty Recipes Lite WordPress plugin up to 1.1.5 has a missing authorization vulnerability allowing unprivileged users to execute higher privileged actions.
The Tasty Recipes Lite WordPress plugin before version 1.1.5 suffers from a missing authorization vulnerability. The plugin fails to properly check access rights for certain functions, allowing attackers to exploit incorrectly configured access control security levels.
This issue can be exploited by an unauthenticated or low-privileged attacker sending crafted HTTP requests to perform administrative actions without proper authorization. No authentication is required to trigger the vulnerability, making it accessible to anyone with network access to the WordPress site.
Successful exploitation allows an attacker to execute actions intended for higher-privileged roles, such as modifying recipe settings or other restricted functionality. This type of vulnerability is frequently used in mass-exploit campaigns, targeting thousands of websites simultaneously [1].
The vulnerability has been addressed in version 1.1.6. Users are strongly advised to update immediately or enable auto-updates if using Patchstack. If immediate update is not possible, consult with a hosting provider or web developer for assistance [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1- Range: <=1.1.5
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.