Missing Authorization Vulnerability in Addonify Plugin by WordPress
CVE-2025-68578
Currently unrated
What is CVE-2025-68578?
The Addonify plugin presents a significant security risk due to a Missing Authorization vulnerability that allows attackers to exploit incorrectly configured access control security levels. This issue affects versions of Addonify up to and including 2.0.4, enabling unauthorized access and actions that could compromise the integrity of WordPress sites utilizing this plugin. Proper configuration and timely updates are essential to mitigate these risks.
Affected Version(s)
Addonify <= n/a