GSD-2023-25446 — Vulnetix

GSD-2023-25446 PUBLISHED CVSS 7.699999809265137 HIGH

Missing Authorization vulnerability in HappyFiles HappyFiles Pro happyfiles-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HappyFiles Pro: from n/a through 1.8.1.

Risk Scores

CVSS v3.1

7.699999809265137

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
HappyFiles	HappyFiles Pro	n/a

Timeline

Dec 21, 2025 CVE Published
Dec 21, 2025 PoC Published
Dec 22, 2025 PoC Published

References

https://vdp.patchstack.com/database/wordpress/plugin/happyfiles-pro/vulnerability/wordpress-happyfiles-pro-plugin-1-8-1-broken-access-control?_s_id=cve vdb

Open in Interactive Console →