Base Score

HIGH7.6

CVE-2025-53230

Missing Authorization vulnerability in honzat Page Manager for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Page Manager for Elementor: from n/a through 2.0.5.

VectorNETWORK

Published Byaudit@patchstack.com

Published DateAug 28, 2025, 13:16

Weakness Type (CWE):CWE-862

CVSS Metrics

Base Score

7.6

Vector String

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

LOW

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

LOW

Integrity (I)

LOW

Availability (A)

HIGH

References

https://patchstack.com/database/wordpress/plugin/page-manager-for-elementor/vulnerability/wordpress-page-manager-for-elementor-plugin-2-0-5-broken-access-control-vulnerability?_s_id=cve

Base Score

HIGH7.6

Weakness Type (CWE):CWE-862

CVSS Metrics

Base Score

7.6

Vector String

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

LOW

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

LOW

Integrity (I)

LOW

Availability (A)

HIGH