Sensitive Data Exposure in weDevs WP ERP Plugin
CVE-2025-67546

Currently unrated

Key Information:

Vendor

WordPress
Status
WP Erp
Vendor
CVE Published:
18 December 2025

What is CVE-2025-67546?

The weDevs WP ERP plugin is susceptible to a vulnerability that allows an unauthorized entity to retrieve sensitive embedded data. This exposure can lead to significant privacy issues, as attackers could gain access to critical information. Affected versions include all releases from n/a up to and including 1.16.6, highlighting the need for immediate updates and enhanced security measures.

Affected Version(s)

WP ERP <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/erp/...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

daroo | Patchstack Bug Bounty Program
JSON
.
CVE-2025-67546 : Sensitive Data Exposure in weDevs WP ERP Plugin