Missing Authorization Issue in NinjaTeam FileBird Pro Plugin
CVE-2025-66134

Currently unrated

Key Information:

Vendor: WordPress
Status: Filebird Pro
Vendor: CVE Published:; 16 December 2025

What is CVE-2025-66134?

The NinjaTeam FileBird Pro plugin for WordPress is susceptible to a missing authorization vulnerability, which can lead to the exploitation of incorrectly configured access control security levels. This oversight may allow unauthorized users to gain access to sensitive functionalities, putting the integrity of content management at risk. Affected versions include all prior to and including 6.4.9.

Affected Version(s)

FileBird Pro <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/file...

vdb-entry

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 16, 2025
Vulnerability Reserved
Nov 21, 2025

Credit

João Pedro S Alcântara (Kinorth) | Patchstack Bug Bounty Program

JSON