๐Ÿ” CVE Alert

CVE-2025-57130

HIGH 8.3
CVSS Score
8.3
EPSS Score
0.0%
EPSS Percentile
0th

An Incorrect Access Control vulnerability in the user management component of ZwiiCMS up to v13.6.07 allows a remote, authenticated attacker to escalate their privileges. By sending a specially crafted HTTP request, a low-privilege user can access and modify the profile data of any other user, including administrators.

Vendor n/a
Product n/a
Published Nov 5, 2025
Last Updated Jul 5, 2026
Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new high vulnerabilities affecting n/a n/a are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AC:L/AV:N/A:L/C:H/I:H/PR:L/S:U/UI:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
Low

Affected Versions

n/a / n/a
n/a

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
blog.nivel4.com: https://blog.nivel4.com/noticias/cve-2025-57130-especialistas-de-nivel4-identifican-falla-de-alta-severidad-en-gestor-de-contenidos