cleantalk
Vulnerabilities and Security Researches

Local Magic, CVE-2025-31858

CVE, Research URL

CVE-2025-31858

Home page URL

Security reports for Local Magic

Application

Local Magic

Published on
Apr 03, 2025
Research Description
Missing Authorization vulnerability in matthewrubin Local Magic allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Local Magic: from n/a through 2.6.0.
Affected versions
max 2.6.0.
Status
vulnerable
Previous vulnerability researches
Local Magic (CVE-2025-31858) , Apr 05, 2025
Local Magic (CVE-2025-32636) , Apr 19, 2025
New vulnerability
GitHub Gist Shortcode Plugin (CVE-2025-12667) , Dec 12, 2025
Cryptocurrency Payment Gateway for WooCommerce (CVE-2025-12392) , Dec 12, 2025
Wbcom Designs – Private Community for BuddyPress (CVE-2025-67582) , Dec 12, 2025
WP-Walla (CVE-2025-12589) , Dec 12, 2025
Master Addons for Elementor (CVE-2025-63055) , Dec 12, 2025