CVE-2025-1326 – Homey WordPress Missing Capability Check Data Deletion Vulnerability

May 2, 2025

CVE ID : CVE-2025-1326

Published : May 2, 2025, 4:15 a.m. | 3 hours, 5 minutes ago

Description : The Homey theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the homey_reservation_del() function in all versions up to, and including, 2.4.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary reservations and posts.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-13420 – WordPress Envato Theme/Plugin Unauthorized Access Vulnerability

Next Article CVE-2025-1327 – “Homey WordPress Theme Insecure Direct Object Reference Vulnerability”

IBM launches new integration to help unify AI security and governance

Meet Accessible UX Research, A Brand-New Smashing Book

Modernizing your approach to governance, risk and compliance

ScyllaDB X Cloud’s autoscaling capabilities meet the needs of unpredictable workloads in real time

RAIDOU Remastered: The Mystery of the Soulless Army Review (PC) – A well-done action-RPG remaster that makes me hopeful for more revivals of classic Atlus titles

With Windows 10 circling the drain, Windows 11 sees a long-overdue surge

This PC app boosts FPS in any game on any GPU for only $7 — and it just got a major update

Sam Altman claims Meta is trying to poach OpenAI staffers with $100 million bonuses, but “none of our best people have decided to take them up on that”

Why Inclusive Design Solutions Are important for Accessibility

Why Inclusive Design Solutions Are important for Accessibility

Microsoft Copilot for Power Platform

Integrate Coveo Atomic CLI-Based Hosted Search Page into Adobe Experience Manager (AEM)

RAIDOU Remastered: The Mystery of the Soulless Army Review (PC) – A well-done action-RPG remaster that makes me hopeful for more revivals of classic Atlus titles

RAIDOU Remastered: The Mystery of the Soulless Army Review (PC) – A well-done action-RPG remaster that makes me hopeful for more revivals of classic Atlus titles

With Windows 10 circling the drain, Windows 11 sees a long-overdue surge

This PC app boosts FPS in any game on any GPU for only $7 — and it just got a major update

CVE-2025-1326 – Homey WordPress Missing Capability Check Data Deletion Vulnerability

CISA Flags CVE-2023-0386 as Actively Exploited Linux Kernel Privilege Escalation Threat

Critical Auth Bypass Vulnerability (CVE-2025-51381) Found in KAON KCM3100 Gateways

Photonic processor could streamline 6G wireless signal processing

CVE-2025-47939 – TYPO3 File Upload Vulnerability (Unrestricted File Type Upload)

MuZero, AlphaZero, and AlphaDev: Optimizing computer systems

Dune: Awakening hits a concurrent player milestone before the game officially launches — overtaking DOOM, Veilguard, Assassin’s Creed, and other major titles

Community News: Latest PECL Releases (04.15.2025)

This 75-inch 4K Hisense Fire TV is a steal at nearly 30% off on Amazon

CVE-2025-48143 – SalesUp! Cross-site Scripting (XSS)

PoC Tool Released for Max Severity Apache Parquet Vulnerability to Detect Affected Servers

CVE-2025-1326 – Homey WordPress Missing Capability Check Data Deletion Vulnerability

Related Posts