Kamleshyadav Miraculous Core Plugin vulnerabilities
3 known vulnerabilities affecting kamleshyadav/miraculous_core_plugin.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1
Vulnerabilities
Page 1 of 1
CVE-2025-49388P2CRITICALCVSS 9.8≤ 2.0.72025-08-28
CVE-2025-49388 [CRITICAL] CWE-266 CVE-2025-49388: Incorrect Privilege Assignment vulnerability in kamleshyadav Miraculous Core Plugin miraculouscore a
Incorrect Privilege Assignment vulnerability in kamleshyadav Miraculous Core Plugin miraculouscore allows Privilege Escalation.This issue affects Miraculous Core Plugin: from n/a through <= 2.0.7.
nvd
CVE-2025-58627P3CRITICALCVSS 9.8≤ 2.0.92025-11-06
CVE-2025-58627 [CRITICAL] CWE-639 CVE-2025-58627: Authorization Bypass Through User-Controlled Key vulnerability in kamleshyadav Miraculous Core Plugi
Authorization Bypass Through User-Controlled Key vulnerability in kamleshyadav Miraculous Core Plugin miraculouscore allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous Core Plugin: from n/a through < 2.0.9.
nvd
CVE-2026-32516P3HIGHCVSS 8.5≥ n/a, ≤ < 2.1.22026-03-25
CVE-2026-32516 [HIGH] CWE-89 CVE-2026-32516: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kamleshyadav Miraculous Core Plugin miraculouscore allows Blind SQL Injection.This issue affects Miraculous Core Plugin: from n/a through < 2.1.2.
nvd