Security Advisory

CVE-2025-5304

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-28 05:29:51

Last updated 2025-06-30 18:32:41

Assigner Wordfence

State PUBLISHED

Description

The PT Project Notebooks plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization in the wpnb_pto_new_users_add() function in versions 1.0.0 through 1.1.3. This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator.

← Browse all CVEs View on cve.org ↗