Missing Authorization Vulnerability in Event Rocket from Barry
CVE-2025-53452
4.3MEDIUM
What is CVE-2025-53452?
The missing authorization vulnerability in Barry's Event Rocket plugin permits attackers to exploit insecurely configured access control security levels. This flaw enables unauthorized access to sensitive areas of the application, leading to potential data leaks and misuse. Affected versions range from unspecified up to 3.3, necessitating careful scrutiny and immediate action from users to secure their installations.
Affected Version(s)
Event Rocket <= 3.3