Skip to main content

Woostify Sites Library

1 CVEs product

Monthly

CVE-2025-66076 MEDIUM This Month

Unauthenticated broken access control in Woostify Sites Library WordPress plugin versions up to and including 1.6.2 permits remote, unauthenticated attackers to bypass authorization checks and perform restricted actions against affected WordPress installations. The CVSS vector (AV:N/AC:L/PR:N/UI:N) confirms exploitation requires no credentials and no user interaction, making automated scanning and exploitation straightforward. No active exploitation has been identified at time of analysis, and no public exploit code is known.

Authentication Bypass Woostify Sites Library
NVD
CVSS 3.1
5.3
EPSS
0.2%
EPSS 0% CVSS 5.3
MEDIUM This Month

Unauthenticated broken access control in Woostify Sites Library WordPress plugin versions up to and including 1.6.2 permits remote, unauthenticated attackers to bypass authorization checks and perform restricted actions against affected WordPress installations. The CVSS vector (AV:N/AC:L/PR:N/UI:N) confirms exploitation requires no credentials and no user interaction, making automated scanning and exploitation straightforward. No active exploitation has been identified at time of analysis, and no public exploit code is known.

Authentication Bypass Woostify Sites Library
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy