Primary

Context

Sovica Target Video Easy Publish Missing Authorization Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A missing authorization vulnerability has been identified in the Sovica Target Video Easy Publish plugin, affecting versions through 3.8.8. This vulnerability allows for arbitrary code execution, enabling malicious actors to execute unauthorized code on the affected site.

Impact

Exploitation of this vulnerability could lead to unauthorized arbitrary code execution on the affected WordPress site.

Remediation

Patchstack has issued a virtual patch to mitigate this vulnerability by blocking attacks until an official fix is available. WordPress site owners can apply this virtual patch through Patchstack.

Added: Sep 9, 2025, 7:12 PM

Updated: Sep 9, 2025, 7:12 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.2

remediation

0.0

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.2

remediation

0.0

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Sovica Target Video Easy Publish Missing Authorization Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating