What is CVE-2025-13342?

CVE-2025-13342 is a critical-severity vulnerability in Shabti Frontend Admin By Dynamiapps, classified under Missing Authorization. CVSS score: 9.8/10. Published 2025-12-03.

How severe is CVE-2025-13342?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Is CVE-2025-13342 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Auth bypass in Shabti Frontend Admin By Dynamiapps

CVE-2025-13342

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to unauthorized modification of arbitrary WordPress options in all versions up to, and including, 3.28.20. This is due to insufficient capability checks and input validati…

Vulnerability class: Broken Access Control

EPSS: 0.001 (22.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Shabti Frontend Admin By Dynamiapps — versions 0

Weakness classification (CWE)

CWE-862 — Missing Authorization

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2025-13342?: CVE-2025-13342 is a critical-severity vulnerability in Shabti Frontend Admin By Dynamiapps, classified under Missing Authorization. CVSS score: 9.8/10. Published 2025-12-03.
How severe is CVE-2025-13342?: Critical severity. CVSS v3 base score is 9.8 out of 10.
Is CVE-2025-13342 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.