CVE-2025-54037

EUVD-2025-21665
Missing Authorization vulnerability in blazethemes News Kit Elementor Addons news-kit-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects News Kit Elementor Addons: from n/a through <= 1.3.4.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
PatchstackCNA
UNKNOWN
---
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
blazethemesnews_kit_elementor_addons
𝑥
≤ 1.3.4
CNA
Common Weakness Enumeration
References
https://patchstack.com/database/Wordpress/Plugin/news-kit-elementor-addons/vulnerability/wordpress-news-kit-elementor-addons-plugin-1-3-4-broken-access-control-vulnerability?_s_id=cve