cleantalk
Vulnerabilities and Security Researches

VG WORT METIS, CVE-2025-5812

CVE, Research URL

CVE-2025-5812

Home page URL

Security reports for VG WORT METIS

Application

VG WORT METIS

Published on
Jun 26, 2025
Research Description
The VG WORT METIS plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the gutenberg_save_post() function in all versions up to, and including, 2.0.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update limited post settings.
Affected versions
Min -, max 2.0.0.
Status
vulnerable
Previous vulnerability researches
VG WORT METIS (CVE-2025-5812) , Jul 02, 2025
VG WORT METIS (CVE-2025-50039) , Jul 03, 2025
New vulnerability
CSV Importer Improved (CVE-2025-50013) , Jul 04, 2025
WooCommerce PDF Invoice Builder, Create invoices, packing slips and more (CVE-2025-53203) , Jul 04, 2025
Infility Global (CVE-2025-52774) , Jul 04, 2025
Additional Order Filters for WooCommerce (CVE-2025-53271) , Jul 04, 2025
Aviation Weather from NOAA (CVE-2025-28980) , Jul 04, 2025