CVE-2025-23971: WordPress KI Live Video Conferences <= 5.5.15 - Broken Access Control Vulnerability

5.3 CVSS

Description

Missing Authorization vulnerability in whassan KI Live Video Conferences allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects KI Live Video Conferences: from n/a through 5.5.15.

Classification

CVE ID: CVE-2025-23971

CVSS Base Severity: MEDIUM

CVSS Base Score: 5.3

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Problem Types

CWE-862 Missing Authorization

Affected Products

Vendor: whassan

Product: KI Live Video Conferences

References

https://nvd.nist.gov/vuln/detail/CVE-2025-23971
https://patchstack.com/database/wordpress/plugin/ki-live-video-conferences/vulnerability/wordpress-ki-live-video-conferences-5-5-15-broken-access-control-vulnerability?_s_id=cve

Timeline