Access Control Misconfiguration in wpWax Directorist by WordPress
CVE-2025-68069
7.1HIGH
What is CVE-2025-68069?
A missing authorization vulnerability in wpWax Directorist allows attackers to exploit incorrectly configured access control levels. This could enable unauthorized users to access restricted areas and information within the plugin, impacting the integrity and confidentiality of the application's data. Users of Directorist versions from n/a up to 8.5.10 are advised to review their access control configurations and apply necessary security updates.
Affected Version(s)
Directorist 0 <= 8.6.6