[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$ffBLyVNJPwXx_9u-awXpCwBBwpcVyk3HE7-4WMk2Ta8o":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2025-32486","material-dashboard-unauthenticated-privilege-escalation-2","Material Dashboard \u003C= 1.4.6 - Unauthenticated Privilege Escalation","The Material Dashboard plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.4.6. This is due to the plugin not utilizing sufficiently random values in the publicAjaxHandler() function. This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator.","material-dashboard",null,"\u003C=1.4.6","1.4.7","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Privilege Management","2025-04-14 00:00:00","2025-04-22 19:04:09",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc7214f90-a205-4d7e-94c8-ee07515ebbf1?source=api-prod",9]