{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-30797", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2025-03-26T09:20:18.315Z", "datePublished": "2025-04-01T05:31:37.040Z", "dateUpdated": "2026-04-01T15:47:32.952Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "greek-multi-tool", "product": "Greek Multi Tool \u2013 Fix peralinks, accents, auto create menus and more", "vendor": "bigdrop.gr", "versions": [{"changes": [{"at": "2.3.2", "status": "unaffected"}], "lessThanOrEqual": "2.3.1", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Tr\u01b0\u01a1ng H\u1eefu Ph\u00fac (truonghuuphuc) | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:36:23.535Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Missing Authorization vulnerability in bigdrop.gr Greek Multi Tool \u2013 Fix peralinks, accents, auto create menus and more greek-multi-tool allows Exploiting Incorrectly Configured Access Control Security Levels.<p>This issue affects Greek Multi Tool \u2013 Fix peralinks, accents, auto create menus and more: from n/a through <= 2.3.1.</p>"}], "value": "Missing Authorization vulnerability in bigdrop.gr Greek Multi Tool \u2013 Fix peralinks, accents, auto create menus and more greek-multi-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Greek Multi Tool \u2013 Fix peralinks, accents, auto create menus and more: from n/a through <= 2.3.1."}], "impacts": [{"capecId": "CAPEC-180", "descriptions": [{"lang": "en", "value": "Exploiting Incorrectly Configured Access Control Security Levels"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-862", "description": "Missing Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-01T15:47:32.952Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/greek-multi-tool/vulnerability/wordpress-greek-multi-tool-fix-peralinks-accents-auto-create-menus-and-more-plugin-2-3-1-broken-access-control-vulnerability?_s_id=cve"}], "title": "WordPress Greek Multi Tool \u2013 Fix peralinks, accents, auto create menus and more plugin <= 2.3.1 - Broken Access Control Vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-01T13:17:03.269779Z", "id": "CVE-2025-30797", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-01T13:17:14.257Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-30797", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-01T13:17:03.269779Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-01T13:17:08.360Z"}}], "cna": {"title": "WordPress Greek Multi Tool \u2013 Fix peralinks, accents, auto create menus and more plugin <= 2.3.1 - Broken Access Control Vulnerability", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Tr\u01b0\u01a1ng H\u1eefu Ph\u00fac (truonghuuphuc) (Patchstack Alliance)"}], "impacts": [{"capecId": "CAPEC-180", "descriptions": [{"lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "bigdrop.gr", "product": "Greek Multi Tool \u2013 Fix peralinks, accents, auto create menus and more", "versions": [{"status": "affected", "changes": [{"at": "2.3.2", "status": "unaffected"}], "version": "n/a", "versionType": "custom", "lessThanOrEqual": "2.3.1"}], "packageName": "greek-multi-tool", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update the WordPress Greek Multi Tool \u2013 Fix peralinks, accents, auto create menus and more plugin to the latest available version (at least 2.3.2).", "supportingMedia": [{"type": "text/html", "value": "Update the WordPress Greek Multi Tool \u2013 Fix peralinks, accents, auto create menus and more plugin to the latest available version (at least 2.3.2).", "base64": false}]}], "references": [{"url": "https://patchstack.com/database/wordpress/plugin/greek-multi-tool/vulnerability/wordpress-greek-multi-tool-fix-peralinks-accents-auto-create-menus-and-more-plugin-2-3-1-broken-access-control-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Missing Authorization vulnerability in bigdrop.gr Greek Multi Tool \u2013 Fix peralinks, accents, auto create menus and more allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Greek Multi Tool \u2013 Fix peralinks, accents, auto create menus and more: from n/a through 2.3.1.", "supportingMedia": [{"type": "text/html", "value": "<p>Missing Authorization vulnerability in bigdrop.gr Greek Multi Tool \u2013 Fix peralinks, accents, auto create menus and more allows Exploiting Incorrectly Configured Access Control Security Levels.</p><p>This issue affects Greek Multi Tool \u2013 Fix peralinks, accents, auto create menus and more: from n/a through 2.3.1.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2025-04-01T05:31:37.040Z"}}}, "cveMetadata": {"cveId": "CVE-2025-30797", "state": "PUBLISHED", "dateUpdated": "2025-04-01T13:17:14.257Z", "dateReserved": "2025-03-26T09:20:18.315Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2025-04-01T05:31:37.040Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Missing Authorization vulnerability in bigdrop.gr Greek Multi Tool \u2013 Fix peralinks, accents, auto create menus and more greek-multi-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Greek Multi Tool \u2013 Fix peralinks, accents, auto create menus and more: from n/a through <= 2.3.1."}, {"lang": "es", "value": "La vulnerabilidad de falta de autorizaci\u00f3n en bigdrop.gr Greek Multi Tool \u2013 Fix peralinks, accents, auto create menus and more permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a la Herramienta Multiusos Griega: Correcci\u00f3n de enlaces permanentes, acentos, creaci\u00f3n autom\u00e1tica de men\u00fas y m\u00e1s: desde n/d hasta la versi\u00f3n 2.3.1."}], "id": "CVE-2025-30797", "lastModified": "2026-04-01T17:20:17.777", "metrics": {}, "published": "2025-04-01T06:15:51.560", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/greek-multi-tool/vulnerability/wordpress-greek-multi-tool-fix-peralinks-accents-auto-create-menus-and-more-plugin-2-3-1-broken-access-control-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"created": "2025-07-12T16:01:33.283972+00:00", "updated": "2025-07-12T16:01:33.284019+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}