Broken Access Control in JayBee Twitch Player Affects Security Levels
CVE-2025-68565

Currently unrated

Key Information:

Vendor

WordPress
Status
Twitch Player
Vendor
CVE Published:
24 December 2025

What is CVE-2025-68565?

A missing authorization vulnerability in the JayBee Twitch Player allows attackers to exploit improperly configured access control security levels. This issue can expose sensitive functions to unauthorized users, enabling potential manipulation or data leaks. The vulnerability affects all versions up to and including 2.1.3, highlighting the importance of implementing robust access control measures to safeguard user data and system integrity.

Affected Version(s)

Twitch Player <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/ttv-...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Legion Hunter | Patchstack Bug Bounty Program
JSON
.
CVE-2025-68565 : Broken Access Control in JayBee Twitch Player Affects Security Levels