CVE-2025-14358
HIGHSeverity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
5DescriptionCVE.org
Missing Authorization vulnerability in sizam REHub Framework rehub-framework allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects REHub Framework: from n/a through <= 19.9.5.
AnalysisAI
REHub Framework for WordPress (through 19.9.5) has missing authorization allowing unauthenticated access to restricted functionality with full CIA impact.
Technical ContextAI
The plugin does not check user capabilities before allowing access to sensitive functionality (CWE-862).
Affected ProductsAI
REHub Framework through 19.9.5
RemediationAI
Update REHub Framework to the latest version.
Same weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today