Filtered by vendor Dreamstechnologies
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-8572 | 2 Dreamstechnologies, Wordpress | 2 Truelysell Core, Wordpress | 2026-02-16 | 9.8 Critical |
| The Truelysell Core plugin for WordPress is vulnerable to privilege escalation in versions less than, or equal to, 1.8.7. This is due to insufficient validation of the user_role parameter during user registration. This makes it possible for unauthenticated attackers to create accounts with elevated privileges, including administrator access. | ||||
Page 1 of 1.