Miraculous
by WordPress
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-58627 | Cri | 0.64 | 9.8 | 0.00 | Nov 6, 2025 | Authorization Bypass Through User-Controlled Key vulnerability in kamleshyadav Miraculous Core Plugin miraculouscore allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous Core Plugin: from n/a through < 2.0.9. | ||
| CVE-2025-58628 | Cri | 0.60 | 9.3 | 0.00 | Sep 5, 2025 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kamleshyadav Miraculous miraculous allows Blind SQL Injection.This issue affects Miraculous: from n/a through < 2.0.9. | ||
| CVE-2026-32515 | Hig | 0.49 | 7.5 | 0.00 | Mar 25, 2026 | Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous: from n/a through < 2.1.2. | ||
| CVE-2025-58629 | Hig | 0.49 | 7.5 | 0.00 | Nov 6, 2025 | Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous: from n/a through < 2.0.9. |
- risk 0.64cvss 9.8epss 0.00
Authorization Bypass Through User-Controlled Key vulnerability in kamleshyadav Miraculous Core Plugin miraculouscore allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous Core Plugin: from n/a through < 2.0.9.
- risk 0.60cvss 9.3epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kamleshyadav Miraculous miraculous allows Blind SQL Injection.This issue affects Miraculous: from n/a through < 2.0.9.
- risk 0.49cvss 7.5epss 0.00
Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous: from n/a through < 2.1.2.
- risk 0.49cvss 7.5epss 0.00
Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous: from n/a through < 2.0.9.