CVE-2025-3417P2HIGHCVSS 8.8≥ 1.3, ≤ 1.3.52025-04-10
CVE-2025-3417 [HIGH] CWE-862 CVE-2025-3417: The Embedder plugin for WordPress is vulnerable to unauthorized modification of data that can lead t
The Embedder plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ajax_set_global_option() function in versions 1.3 to 1.3.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the Word
nvd