Meetinghub
Monthly
Missing authorization in the MeetingHub WordPress plugin (versions through 1.25.10) allows unauthenticated remote attackers to exploit incorrectly configured access control and perform unauthorized integrity-affecting actions. The CVSS vector (PR:N/AV:N/AC:L/UI:N) confirms no authentication or user interaction is required, making any WordPress installation running an affected version directly exposed from the network. No active exploitation has been confirmed (no CISA KEV listing) and no public exploit has been identified at time of analysis.
Missing authorization in the MeetingHub WordPress plugin (versions through 1.25.10) allows unauthenticated remote attackers to exploit incorrectly configured access control and perform unauthorized integrity-affecting actions. The CVSS vector (PR:N/AV:N/AC:L/UI:N) confirms no authentication or user interaction is required, making any WordPress installation running an affected version directly exposed from the network. No active exploitation has been confirmed (no CISA KEV listing) and no public exploit has been identified at time of analysis.