CVE-2025-14892

CRITICAL 9.8

Prime Listing Manager <= 1.1 - Unauthenticated Privilege Escalation

CVSS Score

9.8

EPSS Score

0.0%

EPSS Percentile

6th

The Prime Listing Manager WordPress plugin through 1.1 allows an attacker to gain administrative access without having any kind of account on the targeted site and perform unauthorized actions due to a hardcoded secret.

Vendor	unknown
Product	prime listing manager
Published	Feb 12, 2026
Last Updated	Apr 2, 2026

Stay Ahead of the Next One

Get instant alerts for unknown prime listing manager

Be the first to know when new critical vulnerabilities affecting unknown prime listing manager are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Unknown / Prime Listing Manager

0 ≤ 1.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

wpscan.com: https://wpscan.com/vulnerability/d12332ec-1d0c-4ff5-94e0-7c4470bdb79c/

Credits

Khaled Alenazi (Nxploited) WPScan