VYPR

WPC Admin Columns

by WordPress

CVEs (1)

  • CVE-2025-3418HigApr 12, 2025
    risk 0.50cvss 8.8epss 0.00

    The WPC Admin Columns plugin for WordPress is vulnerable to privilege escalation in versions 2.0.6 to 2.1.0. This is due to the plugin not properly restricting user meta values that can be updated through the ajax_edit_save() function. This makes it possible for authenticated…