Primary

Context

Flynax Bridge WordPress Plugin Unauthenticated User Deletion Vulnerability

Vulnerability

A vulnerability exists in the Flynax Bridge plugin for WordPress, allowing unauthenticated attackers to delete arbitrary users. This issue arises from a missing capability check in the deleteUser() function, affecting all versions through 2.2.0.

Impact

Exploitation of this vulnerability allows for unauthorized deletion of users, which could disrupt user management and access control on the affected WordPress site.

Remediation

No known patch is available. It is recommended to review the vulnerability details and consider uninstalling the affected plugin.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

2.5

exploitability

8.2

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

2.5

exploitability

8.2

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Flynax Bridge WordPress Plugin Unauthenticated User Deletion Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Flynax Bridge

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating