Missing Authorization Vulnerability in Houzez by Houzez.co
CVE-2025-24754
4.3MEDIUM
Summary
A missing authorization vulnerability exists in the Houzez theme by Houzez.co, impacting versions up to 3.4.0. This issue allows unauthorized users to potentially access restricted functionalities and data, leading to unauthorized actions within the application. It is essential for users and administrators to apply the latest security patches and review their access controls to mitigate potential exploitation risks.
Affected Version(s)
Houzez <= 3.4.0
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Ananda Dhakal (Patchstack)