CVE-2025-5486P2CRITICALCVSS 9.8≥ 1.0, ≤ 1.1.02025-06-06
CVE-2025-5486 [CRITICAL] CWE-862 CVE-2025-5486: The WP Email Debug plugin for WordPress is vulnerable to privilege escalation due to a missing capab
The WP Email Debug plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the WPMDBUG_handle_settings() function in versions 1.0 to 1.1.0. This makes it possible for unauthenticated attackers to enable debugging and send all emails to an attacker controlled address and then trigger a password reset for an adm
nvd