First published: Sun Feb 16 2025(Updated: )
Missing Authorization vulnerability in enituretechnology LTL Freight Quotes – Worldwide Express Edition allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LTL Freight Quotes – Worldwide Express Edition: from n/a through 5.0.20.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
WordPress LTL Freight Quotes Plugin | <=5.0.20 | |
WordPress LTL Freight Quotes Plugin | <=5.0.20 |
Update the WordPress LTL Freight Quotes – Worldwide Express Edition plugin to the latest available version (at least 5.0.21).
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2025-22291 is considered high due to the potential for unauthorized access and exploitation.
To fix CVE-2025-22291, update the LTL Freight Quotes – Worldwide Express Edition plugin to a version later than 5.0.20.
CVE-2025-22291 affects the LTL Freight Quotes – Worldwide Express Edition plugin for WordPress up to version 5.0.20.
Yes, CVE-2025-22291 can lead to data breaches due to improperly configured access controls allowing unauthorized access.
Yes, a patch is available in newer releases of the LTL Freight Quotes – Worldwide Express Edition plugin beyond version 5.0.20.