Security Advisory

CVE-2025-11816

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-01 01:47:40
Last updated 2026-04-08 16:41:21
Assigner Wordfence
State PUBLISHED

Description

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disconnect_account_request() function in all versions up to, and including, 3.5.1. This makes it possible for unauthenticated attackers to disconnect the site from its API plan.