Access Control Vulnerability in Text To Speech TTS Accessibility by Azizul Hasan
CVE-2025-58664
4.3MEDIUM
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 22 September 2025
What is CVE-2025-58664?
A significant security concern has been identified in the Text To Speech TTS Accessibility plugin developed by Azizul Hasan. This vulnerability arises from improperly configured access control mechanisms, potentially allowing unauthorized users to exploit the system. Affected versions include anything prior to 1.9.20, which poses risks of unauthorized access to sensitive functionalities within the plugin.
Affected Version(s)
Text To Speech TTS Accessibility <= 1.9.20
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Denver Jackson (Patchstack Alliance)