Missing Authorization Vulnerability in LTL Freight Quotes – Unishippers Edition by Unishippers
CVE-2025-22289

6.5MEDIUM

Key Information:

Vendor: WordPress
Status: Ltl Freight Quotes – Unishippers Edition
Vendor: CVE Published:; 16 February 2025

Summary

An authorization vulnerability exists in the LTL Freight Quotes – Unishippers Edition that allows unauthorized access due to incorrectly configured access control security levels. This flaw may potentially enable attackers to exploit the application, gaining access to sensitive functionalities or data they should not have access to, leading to security risks. The vulnerability affects versions of the product from n/a up to 2.5.8, emphasizing the need for users to review their security configurations and implement appropriate mitigations.

Affected Version(s)

LTL Freight Quotes – Unishippers Edition <= 2.5.8

References

https://patchstack.com/database/wordpress/plugin/ltl-frei...

vdb-entry

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 16, 2025
Vulnerability Reserved
Jan 3, 2025

Credit

Mika (Patchstack Alliance)