CVE Catalog
CVE-2025-66076
MediumCVSS 5.3Summary
The Woostify Sites Library plugin version 1.6.2 and earlier contains a vulnerability allowing unauthenticated attackers to bypass access controls. This flaw enables unauthorized access to template library functions.
Risk Assessment
An unauthenticated attacker can access sensitive resources or administrative functions, potentially leading to data leakage or unauthorized modifications to the site.
Recommendation
Immediately update the Woostify Sites Library plugin to the latest available version that addresses this vulnerability.
Original NVD description (English source)
Unauthenticated Broken Access Control in Woostify Sites Library <= 1.6.2 versions.

