CVE-2025-22665 – RapidLoad

Published : 2025-03-27

Title: WordPress RapidLoad plugin <= 2.4.4 – Broken Access Control vulnerability

Description

Missing Authorization vulnerability in Shakeeb Sadikeen RapidLoad allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RapidLoad: from n/a through 2.4.4.

CWE

CWE-862 Missing Authorization

CVSS

Score	Severity	Version	Vector String
4.3	MEDIUM	3.1	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Vendor : n/a

Product: RapidLoad

Vulnerable Versions: n/a through 2.4.4

Proof of Concept:

REDACTED

Vulnerability found by: DFEND Security Researcher

References:

– https://patchstack.com/database/wordpress/plugin/unusedcss/vulnerability/wordpress-rapidload-plugin-2-4-4-broken-access-control-vulnerability?_s_id=cve
– https://www.cve.org/CVERecord?id=CVE-2025-22665

Gallery

Contacts

CVE-2025-22665 – RapidLoad

Description

DFEND S.R.L.

CONTATTI

Gallery

Contacts

Description

CVE-2024-50407 – Namaste! LMS

CVE-2025-26984 – SMS Alert Order Notifications – WooCommerce

DFEND S.R.L.

CONTATTI