Multiple WordPress Plugins Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2025-46258 CVSS:5.4

Missing Authorization vulnerability in BdThemes Element Pack Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Element Pack Pro: from n/a before 8.0.0.

CVE-2025-46257 CVSS:4.3

Cross-Site Request Forgery (CSRF) vulnerability in BdThemes Element Pack Pro allows Cross Site Request Forgery.This issue affects Element Pack Pro: from n/a before 8.0.0.

Impact

Gain Access

Indicators of Compromise

CVE

CVE-2025-46258
CVE-2025-46257

Affected Vendors

WordPress

Affected Products

BdThemes Element Pack Pro - n/a

Remediation

Update the WordPress plugin to the latest available version.

CVE-2025-46258

CVE-2025-46257

New Phishing Attack Hides Malicious Link from Outlook Users

Apache Tomcat DoS Vulnerability PoC Released

Multiple WordPress Plugins Vulnerabilities

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan