CVE Catalog

CVE-2025-69332

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.33%

24th percentile — higher than 24% of all known CVEs

Summary

There is a broken access control issue in Bookify versions up to 1.1.1 that may allow subscribers unauthorized access to resources.

Risk Assessment

The organization may be exposed to unauthorized access to subscriber data, potentially leading to information leaks and privacy violations.

Recommendation

It is recommended to upgrade to the latest version of Bookify to mitigate the access control vulnerability.

Original NVD description (English source)

Subscriber Broken Access Control in Bookify <= 1.1.1 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS