CVE-2025-67583

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

issing Authorization vulnerability in ThemeAtelier IDonate idonate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonate: from n/a through <= 2.1.15.

References

Link	Resource
https://patchstack.com/database/Wordpress/Plugin/idonate/vulnerability/wordpress-idonate-plugin-2-1-15-broken-access-control-vulnerability?_s_id=cve

Configurations

Configuration 1 (hide)

cpe:2.3:a:themeatelier:idonate:*:*:*:*:*:wordpress:*:*

History

20 Jan 2026, 15:19

Type	Values Removed	Values Added
References	{'url': 'https://vdp.patchstack.com/database/Wordpress/Plugin/idonate/vulnerability/wordpress-idonate-plugin-2-1-15-broken-access-control-vulnerability?_s_id=cve', 'tags': ['Third Party Advisory'], 'source': '[email protected]'}	() https://patchstack.com/database/Wordpress/Plugin/idonate/vulnerability/wordpress-idonate-plugin-2-1-15-broken-access-control-vulnerability?_s_id=cve -

12 Dec 2025, 12:30

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-12-09 16:18

Updated : 2026-01-20 15:19

NVD link : CVE-2025-67583

Mitre link : CVE-2025-67583

CVE.ORG link : CVE-2025-67583

JSON object : View

Products Affected

themeatelier

idonate

CWE

CWE-862

Missing Authorization

5.3 /10