Missing Authorization Vulnerability in LTL Freight Quotes – Unishippers Edition by Unishippers
CVE-2025-22289

9.8CRITICAL

Key Information:

Vendor: WordPress
Status: Ltl Freight Quotes – Unishippers Edition
Vendor: CVE Published:; 16 February 2025

What is CVE-2025-22289?

An authorization vulnerability exists in the LTL Freight Quotes – Unishippers Edition that allows unauthorized access due to incorrectly configured access control security levels. This flaw may potentially enable attackers to exploit the application, gaining access to sensitive functionalities or data they should not have access to, leading to security risks. The vulnerability affects versions of the product from n/a up to 2.5.8, emphasizing the need for users to review their security configurations and implement appropriate mitigations.

Affected Version(s)

LTL Freight Quotes – Unishippers Edition <= 2.5.8

References

https://patchstack.com/database/wordpress/plugin/ltl-frei...

vdb-entry

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 16, 2025
Vulnerability Reserved
Jan 3, 2025

Credit

Mika (Patchstack Alliance)

WordPress

What is CVE-2025-22289?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit