Access Control Vulnerability in Miraculous Theme by kamleshyadav
CVE-2025-58629

Currently unrated

Key Information:

Vendor

WordPress
Status
Miraculous
Vendor
CVE Published:
6 November 2025

What is CVE-2025-58629?

The Miraculous Theme by kamleshyadav has a missing authorization vulnerability that arises from incorrectly configured access control security levels. This flaw allows unauthorized users to exploit the theme's security mechanisms, potentially leading to unauthorized access or manipulation of sensitive resources. Users and administrators are urged to upgrade to the latest version to mitigate potential risks.

Affected Version(s)

Miraculous <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Theme/mirac...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity) | Patchstack Bug Bounty Program
JSON
.