Authorization Flaw in ThemeNectar Salient Product
CVE-2025-62028

Currently unrated

Key Information:

Vendor

WordPress
Status
Salient
Vendor
CVE Published:
6 November 2025

What is CVE-2025-62028?

There is a missing authorization vulnerability in ThemeNectar's Salient theme that could allow unauthorized users to gain access to restricted features, leading to potential exploitation. This issue affects versions from n/a through below 17.4.0, posing a security risk for sites using the product. It is crucial for users to update their installations to ensure protection against this access control issue.

Affected Version(s)

Salient <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Theme/salie...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

João Pedro S Alcântara (Kinorth) | Patchstack Bug Bounty Program
JSON
.
CVE-2025-62028 : Authorization Flaw in ThemeNectar Salient Product