VYPR

Miraculous

by WordPress

CVEs (4)

  • CVE-2025-58627CriNov 6, 2025
    risk 0.64cvss 9.8epss 0.00

    Authorization Bypass Through User-Controlled Key vulnerability in kamleshyadav Miraculous Core Plugin miraculouscore allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous Core Plugin: from n/a through < 2.0.9.

  • CVE-2025-58628CriSep 5, 2025
    risk 0.60cvss 9.3epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kamleshyadav Miraculous miraculous allows Blind SQL Injection.This issue affects Miraculous: from n/a through < 2.0.9.

  • CVE-2026-32515HigMar 25, 2026
    risk 0.49cvss 7.5epss 0.00

    Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous: from n/a through < 2.1.2.

  • CVE-2025-58629HigNov 6, 2025
    risk 0.49cvss 7.5epss 0.00

    Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous: from n/a through < 2.0.9.