Search criteria
5 vulnerabilities by emagicone
CVE-2026-42773 (GCVE-0-2026-42773)
Vulnerability from cvelistv5 – Published: 2026-05-25 22:35 – Updated: 2026-05-26 10:49 X_Open Source
VLAI
Title
WordPress eMagicOne Store Manager plugin <= 1.3.2 - SQL Injection vulnerability
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eMagicOne eMagicOne Store Manager allows Blind SQL Injection.
This issue affects eMagicOne Store Manager: from n/a through 1.3.2.
Severity
9.3 (Critical)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/wordpress/plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| eMagicOne | eMagicOne Store Manager |
Affected:
n/a , ≤ 1.3.2
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-42773",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T10:41:02.146642Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T10:49:46.999Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "store-manager-connector",
"product": "eMagicOne Store Manager",
"vendor": "eMagicOne",
"versions": [
{
"lessThanOrEqual": "1.3.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Ossacip Thanh | Patchstack Bug Bounty Program"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in eMagicOne eMagicOne Store Manager allows Blind SQL Injection.\u003cp\u003eThis issue affects eMagicOne Store Manager: from n/a through 1.3.2.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in eMagicOne eMagicOne Store Manager allows Blind SQL Injection.\n\nThis issue affects eMagicOne Store Manager: from n/a through 1.3.2."
}
],
"impacts": [
{
"capecId": "CAPEC-7",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-7 Blind SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-25T22:35:22.966Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/store-manager-connector/vulnerability/wordpress-emagicone-store-manager-plugin-1-3-2-sql-injection-vulnerability?_s_id=cve"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"x_open-source"
],
"title": "WordPress eMagicOne Store Manager plugin \u003c= 1.3.2 - SQL Injection vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2026-42773",
"datePublished": "2026-05-25T22:35:22.966Z",
"dateReserved": "2026-04-29T11:42:26.336Z",
"dateUpdated": "2026-05-26T10:49:46.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-5058 (GCVE-0-2025-5058)
Vulnerability from cvelistv5 – Published: 2025-05-24 03:37 – Updated: 2026-04-08 17:05
VLAI
Title
eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Upload via set_image()
Summary
The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the set_image() function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. This is only exploitable by unauthenticated attackers in default configurations where the the default password is left as 1:1, or where the attacker gains access to the credentials.
Severity
9.8 (Critical)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
6 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| emagicone | eMagicOne Store Manager for WooCommerce |
Affected:
0 , ≤ 1.2.5
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5058",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-24T09:58:48.859497Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-24T09:59:00.725Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "eMagicOne Store Manager for WooCommerce",
"vendor": "emagicone",
"versions": [
{
"lessThanOrEqual": "1.2.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ryan Kozak"
}
],
"descriptions": [
{
"lang": "en",
"value": "The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the set_image() function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible. This is only exploitable by unauthenticated attackers in default configurations where the the default password is left as 1:1, or where the attacker gains access to the credentials."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:05:36.718Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8a00ece0-6644-4535-86aa-d0802d94a1a7?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/store-manager-connector/trunk/classes/class-emosmconnectorcommon.php#L2115"
},
{
"url": "https://plugins.trac.wordpress.org/browser/store-manager-connector/trunk/classes/class-emosmcwoocommerceoverrider.php#L272"
},
{
"url": "https://github.com/d0n601/CVE-2025-5058/"
},
{
"url": "https://ryankozak.com/posts/cve-2025-5058/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3308544/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-23T14:33:44.000Z",
"value": "Disclosed"
}
],
"title": "eMagicOne Store Manager for WooCommerce \u003c= 1.2.5 - Unauthenticated Arbitrary File Upload via set_image()"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-5058",
"datePublished": "2025-05-24T03:37:32.831Z",
"dateReserved": "2025-05-21T14:42:07.720Z",
"dateUpdated": "2026-04-08T17:05:36.718Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-4603 (GCVE-0-2025-4603)
Vulnerability from cvelistv5 – Published: 2025-05-24 03:37 – Updated: 2026-04-08 16:42
VLAI
Title
eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Deletion
Summary
The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_file() function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). This is only exploitable by unauthenticated attackers in default configurations where the the default password is left as 1:1, or where the attacker gains access to the credentials.
Severity
9.1 (Critical)
CWE
- CWE-73 - External Control of File Name or Path
Assigner
References
7 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| emagicone | eMagicOne Store Manager for WooCommerce |
Affected:
0 , ≤ 1.2.5
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4603",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-24T10:02:25.466282Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-24T10:03:20.435Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "eMagicOne Store Manager for WooCommerce",
"vendor": "emagicone",
"versions": [
{
"lessThanOrEqual": "1.2.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ryan Kozak"
}
],
"descriptions": [
{
"lang": "en",
"value": "The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_file() function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). This is only exploitable by unauthenticated attackers in default configurations where the the default password is left as 1:1, or where the attacker gains access to the credentials."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73 External Control of File Name or Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:42:09.952Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/242ad00b-3602-4988-ab7a-76fba2e9d4cf?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/store-manager-connector/trunk/smconnector.php#L35-36"
},
{
"url": "https://plugins.trac.wordpress.org/browser/store-manager-connector/trunk/classes/class-emosmconnectorcommon.php#L2167"
},
{
"url": "https://plugins.trac.wordpress.org/browser/store-manager-connector/trunk/classes/class-emosmcwoocommerceoverrider.php#L380"
},
{
"url": "https://github.com/d0n601/CVE-2025-4603/"
},
{
"url": "https://ryankozak.com/posts/cve-2025-4603/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3308544/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-23T14:33:21.000Z",
"value": "Disclosed"
}
],
"title": "eMagicOne Store Manager for WooCommerce \u003c= 1.2.5 - Unauthenticated Arbitrary File Deletion"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-4603",
"datePublished": "2025-05-24T03:37:32.048Z",
"dateReserved": "2025-05-12T18:07:39.510Z",
"dateUpdated": "2026-04-08T16:42:09.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-4336 (GCVE-0-2025-4336)
Vulnerability from cvelistv5 – Published: 2025-05-24 03:37 – Updated: 2026-04-08 16:52
VLAI
Title
eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Upload via set_file()
Summary
The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the set_file() function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. This is only exploitable by unauthenticated attackers in default configurations where the the default password is left as 1:1, or where the attacker gains access to the credentials.
Severity
8.1 (High)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
7 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| emagicone | eMagicOne Store Manager for WooCommerce |
Affected:
0 , ≤ 1.2.5
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4336",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-24T10:00:43.713497Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-24T10:01:00.297Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "eMagicOne Store Manager for WooCommerce",
"vendor": "emagicone",
"versions": [
{
"lessThanOrEqual": "1.2.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ryan Kozak"
}
],
"descriptions": [
{
"lang": "en",
"value": "The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the set_file() function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible. This is only exploitable by unauthenticated attackers in default configurations where the the default password is left as 1:1, or where the attacker gains access to the credentials."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:52:59.138Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5323dbb7-3893-4b43-838b-6326505b2fb7?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/store-manager-connector/trunk/smconnector.php#L35-36"
},
{
"url": "https://plugins.trac.wordpress.org/browser/store-manager-connector/trunk/classes/class-emosmcwoocommerceoverrider.php"
},
{
"url": "https://plugins.trac.wordpress.org/browser/store-manager-connector/trunk/classes/class-emosmcwoocommerceoverrider.php#L441"
},
{
"url": "https://ryankozak.com/posts/cve-2025-4336"
},
{
"url": "https://github.com/d0n601/CVE-2025-4336"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3308544/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-23T14:33:08.000Z",
"value": "Disclosed"
}
],
"title": "eMagicOne Store Manager for WooCommerce \u003c= 1.2.5 - Unauthenticated Arbitrary File Upload via set_file()"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-4336",
"datePublished": "2025-05-24T03:37:32.435Z",
"dateReserved": "2025-05-05T15:40:59.839Z",
"dateUpdated": "2026-04-08T16:52:59.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-4602 (GCVE-0-2025-4602)
Vulnerability from cvelistv5 – Published: 2025-05-24 03:37 – Updated: 2026-04-08 16:41
VLAI
Title
eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Read
Summary
The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Reads in all versions up to, and including, 1.2.5 via the get_file() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. This is only exploitable by unauthenticated attackers in default configurations where the the default password is left as 1:1, or where the attacker gains access to the credentials.
Severity
5.9 (Medium)
CWE
- CWE-73 - External Control of File Name or Path
Assigner
References
7 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| emagicone | eMagicOne Store Manager for WooCommerce |
Affected:
0 , ≤ 1.2.5
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4602",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-24T10:03:49.834799Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-24T10:03:59.420Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "eMagicOne Store Manager for WooCommerce",
"vendor": "emagicone",
"versions": [
{
"lessThanOrEqual": "1.2.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ryan Kozak"
}
],
"descriptions": [
{
"lang": "en",
"value": "The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Reads in all versions up to, and including, 1.2.5 via the get_file() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. This is only exploitable by unauthenticated attackers in default configurations where the the default password is left as 1:1, or where the attacker gains access to the credentials."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73 External Control of File Name or Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:41:18.408Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/20caab24-4af7-4592-9b18-f2f5acb423c9?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/store-manager-connector/trunk/smconnector.php#L35-36"
},
{
"url": "https://plugins.trac.wordpress.org/browser/store-manager-connector/trunk/classes/class-emosmconnectorcommon.php#L2220"
},
{
"url": "https://plugins.trac.wordpress.org/browser/store-manager-connector/trunk/classes/class-emosmcwoocommerceoverrider.php#L426"
},
{
"url": "https://github.com/d0n601/CVE-2025-4602/"
},
{
"url": "https://ryankozak.com/posts/cve-2025-4602/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3308544/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-23T14:33:31.000Z",
"value": "Disclosed"
}
],
"title": "eMagicOne Store Manager for WooCommerce \u003c= 1.2.5 - Unauthenticated Arbitrary File Read"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-4602",
"datePublished": "2025-05-24T03:37:31.470Z",
"dateReserved": "2025-05-12T18:05:57.416Z",
"dateUpdated": "2026-04-08T16:41:18.408Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}