CVE-2025-59133

HIGH

WordPress Projectopia plugin <= 5.1.25.2 - Insecure Direct Object References (IDOR) vulnerability

Title source: cna

Custom role Insecure Direct Object References (IDOR) in Projectopia <= 5.1.25.2 versions.

Core 1

Core References

Vdb Entry vdb-entry

CVSS v3 7.5

EPSS 0.0029

EPSS Percentile 20.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

CWE

CWE-639

Status published

Products (1)

Projectopia/Projectopia < 5.1.25.2

Published Jun 15, 2026

Tracked Since Jun 16, 2026