Access Control Flaw in PropertyHive Plugin by Property Hive
CVE-2025-66088

Currently unrated

Key Information:

Vendor: WordPress
Status: Propertyhive
Vendor: CVE Published:; 18 December 2025

What is CVE-2025-66088?

The Property Hive PropertyHive plugin is affected by a missing authorization vulnerability that can allow attackers to exploit incorrectly configured access control security levels. This issue impacts versions up to and including 2.1.12, potentially leading to unauthorized access to sensitive functionalities within the application. Website administrators are advised to review their security settings and apply necessary updates to mitigate the risk associated with this vulnerability.