CVE-2025-64219

{"id": "CVE-2025-64219", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2025-10-29T09:15:42.867", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/business-directory-plugin/vulnerability/wordpress-business-directory-plugin-6-4-18-broken-access-control-vulnerability?_s_id=cve", "source": "audit@patchstack.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "audit@patchstack.com", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "Missing Authorization vulnerability in Strategy11 Team Business Directory business-directory-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Business Directory: from n/a through <= 6.4.18."}, {"lang": "es", "value": "Vulnerabilidad de falta de autorizaci\u00f3n en el plugin de directorio de negocios Strategy11 Team Business Directory permite la explotaci\u00f3n de niveles de seguridad de control de acceso mal configurados. Este problema afecta a Business Directory: desde n/a hasta menor igual que 6.4.18."}], "lastModified": "2026-01-20T15:18:44.927", "sourceIdentifier": "audit@patchstack.com"}