CVE-2025-47628

{"id": "CVE-2025-47628", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "audit@patchstack.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 2.5, "exploitabilityScore": 2.8}]}, "published": "2025-05-07T15:16:15.990", "references": [{"url": "https://patchstack.com/database/wordpress/plugin/qs-dark-mode/vulnerability/wordpress-qs-dark-mode-3-0-broken-access-control-vulnerability?_s_id=cve", "source": "audit@patchstack.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "audit@patchstack.com", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "Missing Authorization vulnerability in quomodosoft QS Dark Mode allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects QS Dark Mode: from n/a through 3.0."}, {"lang": "es", "value": "La vulnerabilidad de falta de autorizaci\u00f3n en quomodosoft QS Dark Mode permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta al modo oscuro de QS desde la versi\u00f3n n/d hasta la 3.0."}], "lastModified": "2025-05-08T14:39:09.683", "sourceIdentifier": "audit@patchstack.com"}