CVE-2025-14545: The YML for Yandex Market WordPress plugin before 5.0.26 is vulnerable to Remote Code Execution via the feed generation...

Description

The YML for Yandex Market WordPress plugin before 5.0.26 is vulnerable to Remote Code Execution via the feed generation process.

Ghostwire Analysis — What This Means Practically

Exploitation Probability (EPSS): Low — 0.09% (26th percentile)

Low exploitation probability based on current threat landscape data. Standard patching timeline is appropriate.

Critical CVSS score indicates maximum severity — remote code execution, authentication bypass, or complete system compromise is likely possible.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

CVE-2025-14545: The YML for Yandex Market WordPress plugin before 5.0.26 is vulnerable to Remote Code Execution via the feed generation...

Description

Ghostwire Analysis — What This Means Practically

Security Coverage (2 articles)

References