What the vulnerability does
01Description
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
CVSS base score
—
Key dates
02Disclosure timeline
December 6, 2022
CVE published
April 23, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-32725 WordPress 5 Stars Rating Funnel plugin 1.2.67 - Broken Access Control vulnerability
CVE-2023-33922 WordPress Elementor plugin <= 3.13.2 - Broken Access Control vulnerability
CVE-2024-36326
CVE-2024-5641 One Click Order Re-Order <= 1.1.9 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting
CVE-2025-10184 OnePlus OxygenOS Telephony provider permission bypass
