CVE-2025-53217

Published Feb 20, 2026

Last updated 4 days ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-53217 is identified as a Missing Authorization vulnerability affecting the WordPress AIO WP Builder plugin, specifically in versions up to and including 2.0.2. This flaw is categorized as a Broken Access Control vulnerability. The vulnerability allows for the exploitation of incorrectly configured access control security levels within the plugin.

Description
Missing Authorization vulnerability in staviravn AIO WP Builder all-in-one-wp-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AIO WP Builder: from n/a through <= 2.0.2.
Source
audit@patchstack.com
NVD status
Awaiting Analysis

Weaknesses

audit@patchstack.com
CWE-862

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

3

  1. CVE-2025-53217 Missing Authorization vulnerability in staviravn AIO WP Builder all-in-one-wp-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This iss… https://t.co/JvUOyciolf

    @CVEnew

    22 Feb 2026

    1190 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.