Missing Authorization Vulnerability in Blog Designer PRO by Solwin
CVE-2025-58711
5.3MEDIUM
What is CVE-2025-58711?
The Blog Designer PRO plugin by Solwin contains a missing authorization vulnerability that allows unauthorized access to functionalities not properly constrained by access control lists (ACLs). This issue affects versions of Blog Designer PRO up to 3.4.8, potentially exposing sensitive features to unauthorized users.
Affected Version(s)
Blog Designer PRO <= n/a
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Trương Hữu Phúc (truonghuuphuc) | Patchstack Bug Bounty Program