Privilege Escalation Vulnerability in Simple Business Directory Pro by Quantumcloud
CVE-2025-53580

9.8CRITICAL

Key Information:

Vendor: WordPress
Status: Simple Business Directory Pro
Vendor: CVE Published:; 20 August 2025

What is CVE-2025-53580?

The Simple Business Directory Pro plugin by Quantumcloud is impacted by an incorrect privilege assignment vulnerability that could lead to privilege escalation. This flaw allows users to gain unauthorized access, posing significant risks to the integrity and security of administrative functions. It is crucial for users of this plugin to remain vigilant and apply necessary updates to mitigate potential exploits.

Affected Version(s)

Simple Business Directory Pro < 15.6.9

References

https://patchstack.com/database/wordpress/plugin/simple-b...

vdb-entry

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 20, 2025
Vulnerability Reserved
Jul 3, 2025

Credit

João Pedro S Alcântara (Kinorth) (Patchstack Alliance)

WordPress

What is CVE-2025-53580?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit