Missing Authorization Vulnerability in WP Social Ninja Plugin by Mahmudul Hasan Arif
CVE-2025-64375

Currently unrated

Key Information:

Vendor

WordPress
Status
WP Social Ninja
Vendor
CVE Published:
18 December 2025

What is CVE-2025-64375?

A missing authorization vulnerability exists in the WP Social Ninja plugin developed by Mahmudul Hasan Arif. This flaw allows attackers to exploit incorrectly configured access control security levels, potentially compromising user data and actions within the platform. The issue affects all versions up to and including 3.20.1, enabling unauthorized users to perform actions that should be restricted.

Affected Version(s)

WP Social Ninja <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/wp-s...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Nabil Irawan | Patchstack Bug Bounty Program
JSON
.
CVE-2025-64375 : Missing Authorization Vulnerability in WP Social Ninja Plugin by Mahmudul Hasan Arif