CVE-2025-49974

All FrameworksWordPressCWE-862CVE-2025-49974

CVE-2025-49974

State: PUBLISHED · Published: 2025-06-20 · Updated: 2026-04-01 · Assigner: Patchstack
Description
Missing Authorization vulnerability in upstreamplugin UpStream: a Project Management Plugin for WordPress upstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UpStream: a Project Management Plugin for WordPress: from n/a through <= 2.1.1.
CWE
Affected
CVSS
References
Source
cvelistV5-main/cves/2025/49xxx/CVE-2025-49974.json