Description

Missing authorization check in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes users on the system to delete banners owned by other accounts

Remediation

References

CVE-2025-52670

Related Vulnerabilities

Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-45892)

WordPress Plugin Abandoned Cart Lite for WooCommerce Security Bypass (5.14.2)

WordPress Plugin FL3R FeelBox Multiple Vulnerabilities (8.1)

WordPress Plugin YouSayToo auto-publishing 'submit' Parameter Cross-Site Scripting (1.0.1)

WordPress Plugin Flipbox-Awesomes Flip Boxes Image Overlay Security Bypass (2.6.0)

Severity

Medium

Classification

CVE-2025-52670 CWE-639 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities