Access Control Vulnerability in Ays Pro Easy Form Plugin by WordPress
CVE-2025-66117
7.5HIGH
What is CVE-2025-66117?
Ays Pro Easy Form plugin for WordPress is impacted by a missing authorization vulnerability, which arises from incorrectly configured access control security settings. This flaw permits unauthorized users to exploit the system, potentially accessing sensitive information or performing tasks beyond their assigned permissions. The issue affects all versions from n/a up to and including 2.7.8, necessitating immediate attention from website administrators to secure their installations against potential exploits.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Easy Form <= n/a
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Doan Dinh Van | Patchstack Bug Bounty Program